← back
CVE-2018-7297observed exploitation

CVE-2018-7297

57Vexday Risk Score

Prioritize patching. It exploitation observed by VulnCheck and has a public proof of concept.

ssvc Actepss 65%
from disclosure to weapon36 days
Published on NVDFeb 22
1st PoC+36d
VulnCheck+475d
exploitation probability
65%top 1% of all CVEs
observed exploitation
yesVulnCheck
2 public exploit(s)
Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.