CVSS N/A

2019-08-13 22:15:12 2019-08-14 13:19:54

eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28.

Advisory Patch Confirmed Link
https://psytester.github.io/CVE-2019-14985/