CVE-2026-27868

Summary

An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a information disclosure. This issue affects Regesta Smart HD-PLC - TLDPH16D2: 11.02.05.10.02.

Affected Software

VendorProductVersion RangeStatus
TeldatRegesta Smart HD-PLC - TLDPH16D211.02.05.10.02affected
TeldatRegesta Smart HD-PLC - TLDPH16D211.02.06.00.02unaffected

Weaknesses

  • CWE-201: CWE-201 Insertion of sensitive information into sent data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References