Patrick Muench and Gregor Kopf

2 exploits Active since Feb 2018
CVE-2018-7300 EXPLOITDB CRITICAL ruby WORKING POC
Eq-3 Homematic Ccu2 Firmware < 2.29.22 - Path Traversal
Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
CVSS 9.8
CVE-2018-7297 EXPLOITDB CRITICAL ruby WORKING POC
Eq-3 Homematic Central Control Unit C... - Remote Code Execution
Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
CVSS 9.8