Skip to main content

Regesta Smart Hd Plc Tldph16D2

3 CVEs product

Monthly

CVE-2026-27869 MEDIUM PATCH This Month

The web management interface of the Teldat Regesta Smart HD-PLC (model TLDPH16D2, firmware 11.02.05.10.02) is susceptible to resource exhaustion via a Slow Loris attack, making the administrative interface unavailable to legitimate operators. An unauthenticated network attacker can trigger this condition without any prior registration or credentials, as the embedded web server imposes no connection-hold limits or timeouts per CWE-770. No public exploit code or active exploitation has been identified at time of analysis; a vendor-released patch is available through the Teldat support portal.

Denial Of Service Regesta Smart Hd Plc Tldph16D2
NVD
CVSS 4.0
6.9
EPSS
0.5%
CVE-2026-27870 MEDIUM PATCH This Month

Stored cross-site scripting in Teldat's Regesta Smart HD-PLC (TLDPH16D2, firmware 11.02.05.10.02) allows a privileged, authenticated attacker to inject arbitrary JavaScript into the device's 'Hostname' configuration field, which executes in the browser of any user who subsequently loads the `/upgrade/query.php?cmd=p+3%3Bversion` endpoint. The CVSS 4.0 score of 4.8 reflects meaningful constraints: high-privilege access (PR:H) is required to write the malicious configuration, and victim user interaction (UI:P) is needed to trigger execution. No public exploit identified at time of analysis and not listed in CISA KEV; a vendor patch is available.

PHP XSS Regesta Smart Hd Plc Tldph16D2
NVD
CVSS 4.0
4.8
EPSS
0.5%
CVE-2026-27868 MEDIUM PATCH This Month

Unauthenticated information disclosure in the Teldat Regesta Smart HD-PLC (model TLDPH16D2, firmware 11.02.05.10.02) exposes version and privilege data via a PHP-based upgrade query endpoint accessible over the network without any login or registration. An attacker sends a crafted HTTP request to /upgrade/query.php?cmd=p+3&3Bversion and receives sensitive system metadata in the response, violating CWE-201 by returning information that should be restricted. No active exploitation has been confirmed (not in CISA KEV), and the direct impact is limited to confidentiality, but the exposed data can enable targeted follow-on attacks against this HD-PLC networking device.

PHP Information Disclosure Regesta Smart Hd Plc Tldph16D2
NVD
CVSS 4.0
6.9
EPSS
0.5%
EPSS 1% CVSS 6.9
MEDIUM PATCH This Month

The web management interface of the Teldat Regesta Smart HD-PLC (model TLDPH16D2, firmware 11.02.05.10.02) is susceptible to resource exhaustion via a Slow Loris attack, making the administrative interface unavailable to legitimate operators. An unauthenticated network attacker can trigger this condition without any prior registration or credentials, as the embedded web server imposes no connection-hold limits or timeouts per CWE-770. No public exploit code or active exploitation has been identified at time of analysis; a vendor-released patch is available through the Teldat support portal.

Denial Of Service Regesta Smart Hd Plc Tldph16D2
NVD
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Stored cross-site scripting in Teldat's Regesta Smart HD-PLC (TLDPH16D2, firmware 11.02.05.10.02) allows a privileged, authenticated attacker to inject arbitrary JavaScript into the device's 'Hostname' configuration field, which executes in the browser of any user who subsequently loads the `/upgrade/query.php?cmd=p+3%3Bversion` endpoint. The CVSS 4.0 score of 4.8 reflects meaningful constraints: high-privilege access (PR:H) is required to write the malicious configuration, and victim user interaction (UI:P) is needed to trigger execution. No public exploit identified at time of analysis and not listed in CISA KEV; a vendor patch is available.

PHP XSS Regesta Smart Hd Plc Tldph16D2
NVD
EPSS 1% CVSS 6.9
MEDIUM PATCH This Month

Unauthenticated information disclosure in the Teldat Regesta Smart HD-PLC (model TLDPH16D2, firmware 11.02.05.10.02) exposes version and privilege data via a PHP-based upgrade query endpoint accessible over the network without any login or registration. An attacker sends a crafted HTTP request to /upgrade/query.php?cmd=p+3&3Bversion and receives sensitive system metadata in the response, violating CWE-201 by returning information that should be restricted. No active exploitation has been confirmed (not in CISA KEV), and the direct impact is limited to confidentiality, but the exposed data can enable targeted follow-on attacks against this HD-PLC networking device.

PHP Information Disclosure Regesta Smart Hd Plc Tldph16D2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy