HTTP: Homematic CCU2 CVE-2018-7300 Directory Traversal/Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Homematic CCU2. A successful attack can lead to information disclosure then arbitrary code execution.

Extended Description

Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.

References

CVE: CVE-2018-7300

Short Name
HTTP:CVE-2018-7300-ID-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CCU2 CVE-2018-7300 Code Directory Execution Homematic Traversal/Remote
Release Date
02/07/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3693
False Positive
Unknown
CVSS Score

10.0

Found a potential security threat?