Описание
Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.43.15 (включая)
Одновременно
cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.59718
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
EPSS
Процентиль: 98%
0.59718
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22