Joshua Lehr

**Name of the Vulnerable Software and Affected Versions** eQ-3 Homematic CCU-Firmware versions 2.35.16 through 2.45.6 **Description** A Remote Code Execution issue in the addon CUx-Daemon allows remote authenticated attackers to execute system commands as root remotely via a simple HTTP request. **Recommendations** For versions 2.35.16 through 2.45.6, consider disabling the CUx-Daemon addon until a patch is available to prevent remote code execution.

**Name of the Vulnerable Software and Affected Versions** eQ-3 Homematic CCU-Firmware versions 2.35.16 through 2.45.6 **Description** A Local File Inclusion (LFI) issue in the addon CUx-Daemon 1.11a allows remote authenticated attackers to read sensitive files via a simple HTTP Request. **Recommendations** For versions 2.35.16 through 2.45.6, consider restricting access to the CUx-Daemon addon until a patch is available.

**Name of the Vulnerable Software and Affected Versions** eQ-3 HomeMatic CCU3 firmware version 3.41.11 **Description** The issue allows session fixation, where an attacker can create session IDs and send them to the victim. After the victim logs in to the session, the attacker can use that session. This could lead to the creation of SSH logins after a valid session, potentially compromising the system. **Recommendations** For eQ-3 HomeMatic CCU3 firmware version 3.41.11, consider disabling SSH logins until a patch is available to prevent potential system compromise. As a temporary workaround, restrict access to sensitive sessions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** eQ-3 HomeMatic CCU3 version 3.41.11 **Description** The issue allows for Remote Code Execution in the `ReGa.runScript` method. An authenticated attacker can easily execute code and compromise the system. **Recommendations** For version 3.41.11, consider disabling the `ReGa.runScript` method until a patch is available to prevent Remote Code Execution.

**Name of the Vulnerable Software and Affected Versions** Lifesize Icon version 3.7.0 (2421) **Description** A Remote Code Execution issue in the DNS Query Web UI allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in a JSON API request. **Recommendations** For version 3.7.0 (2421), consider disabling access to the DNS Query Web UI until a patch is available to prevent exploitation.