CVE-2018-7297
57Vexday Risk Score
Prioritize patching. It exploitation observed by VulnCheck and has a public proof of concept.
ssvc Actepss 65%
from disclosure to weapon36 days
Published on NVDFeb 22
1st PoC+36d
VulnCheck+475d
exploitation probability
65%top 1% of all CVEs
observed exploitation
yesVulnCheck
2 public exploit(s)
Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/44368/unverifiedexploitdbwww.exploit-db.com/exploits/44368unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.