[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":96,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":103,"vulnerability-14823":109,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":144},[4,15,22,29,36,43,50,57,62,69,74,80,85,90],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting","compliance-advanced-pentest-reporting","Prove your compliance. Get built-in validation with audit-ready reports.","https://pentest-tools.com/pricing",false,[11],"/features/advanced-pentest-reporting","Unlock audit-ready reports","primary",null,{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":21,"variant":13,"campaign_id":14},"Compliance - Integrations","compliance-integrations","Disconnected tools hide compliance breaches. Stay audit-ready 24/7 with the right integrations.",[20],"/features/integrations","Automate your compliance",{"title":23,"slug":24,"text":25,"link":8,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":14},"Compliance - ML Classifier","compliance-ml-classifier","Put compliance on Auto this year with 50% fewer FPs. Go deeper with the WebNetSec plan.",[27],"/features/machine-learning-classifier","Explore WebNetSec",{"title":30,"slug":31,"text":32,"link":8,"external":9,"targets":33,"cta":35,"variant":13,"campaign_id":14},"Compliance - Pentest Robots","compliance-pentest-robots","Put compliance on Auto with Pentest Robots. Available with any plan.",[34],"/features/pentest-robots","Automate continuous scans",{"title":37,"slug":38,"text":39,"link":8,"external":9,"targets":40,"cta":42,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter","compliance-sniper-auto-exploiter","Get audit-ready proof and put compliance on Auto with our proprietary Sniper: Auto-exploiter. Available with Pentest Suite.",[41],"/exploit-helpers/sniper","Get proof with Pentest Suite",{"title":44,"slug":45,"text":46,"link":8,"external":9,"targets":47,"cta":49,"variant":13,"campaign_id":14},"Compliance - Network Scanner","compliance-network-scanner","Map your attack surface and prove infrastructure compliance with the Network Scanner. Available with any plan.",[48],"/network-vulnerability-scanning/network-security-scanner-online","Upgrade your plan",{"title":51,"slug":52,"text":53,"link":8,"external":9,"targets":54,"cta":56,"variant":13,"campaign_id":14},"Compliance - Website Scanner","compliance-website-scanner","Prove real risk instantly and put compliance on Auto with the Website Scanner. Available with the WebNetSec plan.",[55],"/website-vulnerability-scanning/website-scanner","Unlock AppSec compliance",{"title":58,"slug":59,"text":60,"link":8,"external":9,"targets":61,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting (A-B test)","compliance-advanced-pentest-reporting-1","Stop piecing together reports manually. Upgrade today to unlock instant proof for audits.",[11],{"title":63,"slug":64,"text":65,"link":8,"external":9,"targets":66,"cta":67,"variant":68,"campaign_id":14},"Compliance - Integrations (A-B test)","compliance-integrations-1","Disconnected tools will fail your next audit. Unlock the integrations needed for compliance.",[20],"Connect your stack","secondary",{"title":70,"slug":71,"text":72,"link":8,"external":9,"targets":73,"cta":28,"variant":13,"campaign_id":14},"Compliance - ML Classifier (A-B test)","compliance-ml-classifier-1","Ghost vulnerabilities drain time and chip your compliance. Upgrade to WebNetSec to stay audit-ready with 50% fewer FPs.",[27],{"title":75,"slug":76,"text":77,"link":8,"external":9,"targets":78,"cta":79,"variant":13,"campaign_id":14},"Compliance - Network Scanner (A-B test)","compliance-network-scanner-1","Unmapped assets are compliance landmines - upgrade your plan with complete attack surface visibility.",[48],"Get deep network scans",{"title":81,"slug":82,"text":83,"link":8,"external":9,"targets":84,"cta":35,"variant":13,"campaign_id":14},"Compliance - Pentest Robots (A-B test)","compliance-pentest-robots-1","Don’t leave compliance to chance - deploy Pentest Robots to quickly automate your audit readiness.",[34],{"title":86,"slug":87,"text":88,"link":8,"external":9,"targets":89,"cta":42,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter (A-B test)","compliance-sniper-auto-exploiter-1","Deliver audit-ready proof instantly and stay compliant 24/7/365 - only with Sniper: Auto-Exploiter. Available with Pentest Suite.",[41],{"title":91,"slug":92,"text":93,"link":8,"external":9,"targets":94,"cta":95,"variant":13,"campaign_id":14},"Compliance - Website Scanner (A-B test)","compliance-website-scanner-1","Web vulnerabilities let in devastating compliance fines. Stay audit-ready with deep, proprietary scans. Available with the WebNetSec plan.",[55],"Upgrade to WebNetSec",["Island",97],{"key":98,"params":99,"result":101},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":100},"{}",{"head":102},{},["Island",104],{"key":105,"params":106,"result":107},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":100},{"head":108},{},{"id":110,"detectable_with":111,"vuln_details":118,"vuln_id":141,"name":142,"published":143,"updated":14},14823,{"tool":112,"engine":115},{"id":113,"name":114},1,"Network Scanner",{"id":116,"name":117},3,"OpenVAS",{"id":110,"codename":14,"description":14,"severity":119,"risk_description":120,"public_description":121,"public_recommendation":122,"recommendation":14,"references":123,"cvssv3":130,"epss_score":131,"epss_percentile":132,"cve":133,"in_cisa_catalog":9,"date":140,"software_type":14,"vendor":14,"product":14,"ptt_exploit_capabilities":14},"critical","HomeMatic CCU2 is prone to multiple vulnerabilities: - Directory Traversal / Arbitrary File Read in User.getLanguage method allows remote attackers to read the first line of an arbitrary file on the CCU2s filesystem. (CVE-2018-7296) - Remote Code Execution in the TCL script interpreter allows remote attackers to obtain read/write access and execute system commands on the device. (CVE-2018-7297) - In /usr/local/etc/config/addons/mh/loopupd.sh software update packages are downloaded via the HTTP protocol, which does not provide any cryptographic protection of the downloaded contents. (CVE-2018-7298) - Remote Code Execution in the addon installation process allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device. (CVE-2018-7299) - Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method allows remote attackers to write arbitrary files to the devices filesystem. (CVE-2018-7300) - Open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices. (CVE-2018-7301)","HomeMatic CCU2 is prone to multiple vulnerabilities.","No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.",[124,125,126,127,128,129],"https://atomic111.github.io/article/homematic-ccu2-fileread","https://atomic111.github.io/article/homematic-ccu2-remote-code-execution","https://atomic111.github.io/article/homematic-ccu2-firmware-via-plain-http","https://atomic111.github.io/article/homematic-ccu2-untrusted_addon","https://atomic111.github.io/article/homematic-ccu2-filewrite","https://atomic111.github.io/article/homematic-ccu2-xml-rpc",9.8,0.59303,0.98231,[134,135,136,137,138,139],"CVE-2018-7296","CVE-2018-7297","CVE-2018-7298","CVE-2018-7299","CVE-2018-7300","CVE-2018-7301","2018-02-22T00:00:00Z","NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.140807","HomeMatic CCU2 Multiple Vulnerabilities","2018-02-23T00:00:00Z",["Island",145],{"key":146,"params":147,"result":149},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":148},"{\"text-color\":\"gray\"}",{"head":150},{}]