cve/2019/CVE-2019-18939.md

### [CVE-2019-18939](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18939)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/abhav/nvd_scrapper
- https://github.com/muchdogesec/cve2stix
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-18939](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18939)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/abhav/nvd_scrapper`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/muchdogesec/cve2stix`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00