Sign-up

ID

VAR-201802-1280


CVE

CVE-2018-7300


TITLE

eQ-3 AG Homematic CCU2 Path traversal vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2018-002466 // CNNVD: CNNVD-201802-553

DESCRIPTION

Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. eQ-3 AG Homematic CCU2 Contains path traversal vulnerabilities and authorization / privilege / access control vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The eQ-3AGHomematicCCU2 is a central control unit for the German eQ-3 company that controls smart home devices. A directory traversal vulnerability exists in User.setLanguage in eQ-3AGHomematicCCU22.29.2 and earlier

Trust: 2.34

sources: NVD: CVE-2018-7300 // JVNDB: JVNDB-2018-002466 // CNVD: CNVD-2018-05828 // VULHUB: VHN-137332 // VULMON: CVE-2018-7300

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-05828

AFFECTED PRODUCTS

vendor:eq 3model:homematic ccu2scope:lteversion:2.29.22

Trust: 1.0

vendor:eq 3model:homematic zentrale ccu2scope:lteversion:2.29.2

Trust: 0.8

vendor:eq 3model:ag homematic ccu2scope:lteversion:<=2.29.22

Trust: 0.6

vendor:eq 3model:homematic central control unit ccu2scope:eqversion:2.29.22

Trust: 0.6

sources: CNVD: CNVD-2018-05828 // JVNDB: JVNDB-2018-002466 // CNNVD: CNNVD-201802-553 // NVD: CVE-2018-7300

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-7300
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-7300
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-05828
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201802-553
value: CRITICAL

Trust: 0.6

VULHUB: VHN-137332
value: HIGH

Trust: 0.1

VULMON: CVE-2018-7300
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-7300
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-05828
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-137332
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-7300
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-7300
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-05828 // VULHUB: VHN-137332 // VULMON: CVE-2018-7300 // JVNDB: JVNDB-2018-002466 // CNNVD: CNNVD-201802-553 // NVD: CVE-2018-7300

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

problemtype:CWE-264

Trust: 0.9

sources: VULHUB: VHN-137332 // JVNDB: JVNDB-2018-002466 // NVD: CVE-2018-7300

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201802-553

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201802-553

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-002466

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-137332 // 
            
            
            
            VULMON: CVE-2018-7300

PATCH
title:HomeMatic Zentrale CCU2url:http://www.eq-3.de/produkte/homematic/zentralen-und-gateways/homematic-zentrale-ccu-2.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-002466

EXTERNAL IDS
db:NVDid:CVE-2018-7300
Trust: 3.2
db:EXPLOIT-DBid:44361
Trust: 1.8
db:JVNDBid:JVNDB-2018-002466
Trust: 0.8
db:CNVDid:CNVD-2018-05828
Trust: 0.6
db:CNNVDid:CNNVD-201802-553
Trust: 0.6
db:PACKETSTORMid:146990
Trust: 0.1
db:VULHUBid:VHN-137332
Trust: 0.1
db:VULMONid:CVE-2018-7300
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-05828 // 
            
            
            
            VULHUB: VHN-137332 // 
            
            
            
            VULMON: CVE-2018-7300 // 
            
            
            
            JVNDB: JVNDB-2018-002466 // 
            
            
            
            CNNVD: CNNVD-201802-553 // 
            
            
            
            NVD: CVE-2018-7300

REFERENCES
url:http://atomic111.github.io/article/homematic-ccu2-filewrite
Trust: 3.2
url:https://www.exploit-db.com/exploits/44361/
Trust: 1.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7300
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-7300
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/22.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-05828 // 
            
            
            
            VULHUB: VHN-137332 // 
            
            
            
            VULMON: CVE-2018-7300 // 
            
            
            
            JVNDB: JVNDB-2018-002466 // 
            
            
            
            CNNVD: CNNVD-201802-553 // 
            
            
            
            NVD: CVE-2018-7300

SOURCES
db:CNVDid:CNVD-2018-05828
db:VULHUBid:VHN-137332
db:VULMONid:CVE-2018-7300
db:JVNDBid:JVNDB-2018-002466
db:CNNVDid:CNNVD-201802-553
db:NVDid:CVE-2018-7300

LAST UPDATE DATE
2024-11-23T22:26:27.715000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-05828date:2018-03-21T00:00:00
db:VULHUBid:VHN-137332date:2020-04-14T00:00:00
db:VULMONid:CVE-2018-7300date:2020-04-14T00:00:00
db:JVNDBid:JVNDB-2018-002466date:2018-04-13T00:00:00
db:CNNVDid:CNNVD-201802-553date:2019-10-23T00:00:00
db:NVDid:CVE-2018-7300date:2024-11-21T04:11:57.887

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-05828date:2018-03-21T00:00:00
db:VULHUBid:VHN-137332date:2018-02-22T00:00:00
db:VULMONid:CVE-2018-7300date:2018-02-22T00:00:00
db:JVNDBid:JVNDB-2018-002466date:2018-04-13T00:00:00
db:CNNVDid:CNNVD-201802-553date:2018-03-06T00:00:00
db:NVDid:CVE-2018-7300date:2018-02-22T19:29:05.733