CVE-2020-12834
CRITICAL
eQ-3 Homematic CCU2 < 2.51.6 & CCU3 < 3.51.6 - RCE via ReGa.runScript JSON API
eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup (or factory reset).
References (1)
Exploit, Third Party Advisory x_refsource_misc
https://psytester.github.io/CVE-2020-12834/
Scores
CVSS v3: 9.8
EPSS: 0.1107
EPSS Percentile: 95.4%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-276
Status: published
Products (2):
eq-3/ccu3_firmware < 3.51.6
eq-3/homematic_ccu2_firmware < 2.51.6
Published: May 15, 2020
Tracked Since: Feb 18, 2026