CVE-2026-27868
CWE-201Published: June 17, 2026· Updated: Jun 17, 2026
Official Description
An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a information disclosure. This issue affects Regesta Smart HD-PLC - TLDPH16D2:
11.02.05.10.02.
Technical Analysis
CVE-2026-27868 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
All References (5)
Quick Facts
Related CVEs (CWE-201)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-27868 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts