CVE-2025-6225

2026-01-07 [email protected]

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 07, 2026 - 14:15 nvd
N/A

Tags

Command Injection

Description

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02

Analysis

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form.

Technical Context

Classified as CWE-78 (OS Command Injection). Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02

Affected Products

Fixed in: version 9

Remediation

Fixed in version 9.40.02.

Priority Score

1
Low Medium High Critical
KEV: 0
EPSS: +1.5
CVSS: +0
POC: 0

Share

CVE-2025-6225 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy