CVE-2019-14423

A Remote Code Execution (RCE) issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated attackers to execute system commands as root remotely via a simple HTTP request.

Date published : 2019-10-17

https://noskill1337.github.io/homematic-with-cux-daemon-remote-code-execution

https://www.eq-3.com/products/homematic.html