Skip to main content

CVE-2025-6225

OS Command Injection (CWE-78)
2026-01-07 cvd@cert.pl

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 07, 2026 - 14:15 nvd
N/A

DescriptionCVE.org

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02

AnalysisAI

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form.

Technical ContextAI

Classified as CWE-78 (OS Command Injection). Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02

Affected ProductsAI

Fixed in: version 9

RemediationAI

Fixed in version 9.40.02.

Share

CVE-2025-6225 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy