CVE-2018-7299

Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt