EUVD-2026-1225

ID: EUVD-2026-1225

Severity: medium

CVSS v4: 6.9 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02

Timestamps

Normalized: 2026-01-07T23:48:06Z UTC
Last updated: 2026-01-07T23:48:06Z UTC

References

No references provided.

VulnAI

EUVD-2026-1225

Description

Timestamps

References