216.73.217.98

CVE-2026-27870

· Published 17/06/2026 15:20 · Author: The MITRE Corporation

Labels: CVE-2026-27870 2026-06-17CVE-2026-27870CWE-79ffb98d57-deaa-4918-a669-5225ccc13e39

Essential information

Published
17/06/2026 15:20
Modified
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
4.8 MEDIUM (v4.0)
CISA KEV
No
CWE
CWE-79
EPSS (First)
P39.3% ?EPSS percentile: rank of this vulnerability versus all others. Higher percentile = more likely to be exploited. Learn more (score 0.00509)
CVSS vector

CVSS metrics

Description

An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, registration action IS required) who has the vulnerable software could, introduce arbitrary JavaScript by injecting a Cross-site Scripting (XSS)  payload into the 'Hostname' field of the configuration file resulting in a XSS in the path /upgrade/query.php?cmd=p+3%3Bversion. This issue affects Regesta Smart HD-PLC - TLDPH16D2: 11.02.05.10.02.

NVD status

NVD
View on NVD