PatchSiren cyber security CVE debrief
CVE-2026-27870 Teldat CVE debrief
CVE-2026-27870 is a medium-severity vulnerability in Regesta Smart HD-PLC by Teldat. An attacker with network access and registration privileges can inject arbitrary JavaScript via a Cross-site Scripting (XSS) payload in the 'Hostname' field of the configuration file. This results in an XSS vulnerability in the /upgrade/query.php?cmd=p+3%3Bversion path. The affected product is Regesta Smart HD-PLC - TLDPH16D2, version 11.02.05.10.02. Organizations using this product should prioritize patching to prevent potential attacks.
- Vendor: Teldat
- Product: Regesta Smart HD-PLC - TLDPH16D2
- CVSS: MEDIUM 4.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-17
- Original CVE updated: 2026-06-17
- Advisory published: 2026-06-17
- Advisory updated: 2026-06-17
Who should care
Organizations using Regesta Smart HD-PLC - TLDPH16D2, version 11.02.05.10.02, should be aware of this vulnerability and take immediate action to patch their systems. Additionally, network administrators and security teams responsible for managing and securing network devices should be informed about this vulnerability to ensure proper mitigation.
Technical summary
The vulnerability CVE-2026-27870 is a Cross-site Scripting (XSS) issue in Regesta Smart HD-PLC by Teldat. An attacker with network access and registration privileges can inject arbitrary JavaScript code into the 'Hostname' field of the configuration file. This code is then executed in the context of the /upgrade/query.php?cmd=p+3%3Bversion path, leading to a potential XSS attack. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 4.8, indicating a medium severity level. The CVSS vector is CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
medium
Recommended defensive actions
- Apply the latest vendor patch or update for Regesta Smart HD-PLC - TLDPH16D2. Version 11.02.05.10.02 is the affected release, so the target must be a later version.
- Restrict access to the configuration file and the /upgrade/query.php path to only authorized personnel.
- Implement input validation and sanitization for the 'Hostname' field to prevent XSS payload injection.
- Use a Web Application Firewall (WAF) to detect and block potential XSS attacks.
- Regularly monitor the system for suspicious activity and update the firmware and software to the latest versions.
- Limit network exposure for the Regesta Smart HD-PLC device to minimize the attack surface.
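The input validation and output encoding recommended above for the 'Hostname' field, as an added example that is not Teldat's code and not part of the original advisory. The `key=value` configuration layout, the function names and the sample lines are assumptions constructed for illustration; the device's real configuration format is not given on this page.

```python
import html
import re

# RFC 1123 label: ASCII letters, digits, hyphens; no leading/trailing hyphen; 1-63 chars.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def is_valid_hostname(value: str) -> bool:
    """Allowlist check: accept only RFC 1123 hostnames (253 chars max)."""
    if not value or len(value) > 253:
        return False
    if value.endswith("."):          # tolerate one trailing root dot
        value = value[:-1]
    return all(_LABEL.fullmatch(label) for label in value.split("."))


def render_hostname(value: str) -> str:
    """Output encoding: what a status page should emit for an untrusted value."""
    return html.escape(value, quote=True)


def audit_config(text: str, key: str = "Hostname") -> list[tuple[int, str]]:
    """Return (line_number, raw_value) for every rejected hostname entry.

    Assumes 'key=value' lines (hypothetical layout, see lead-in).
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        name, sep, value = line.partition("=")   # split on the first '=' only
        if sep and name.strip().lower() == key.lower():
            value = value.strip()
            if not is_valid_hostname(value):
                findings.append((lineno, value))
    return findings


# Constructed sample input, not taken from a real device.
SAMPLE_CONFIG = """\
Hostname=plc-node-01
Hostname=plc-node-02.example.net
Hostname=<script>alert(1)</script>
Hostname=-bad-label
"""

if __name__ == "__main__":
    for lineno, raw in audit_config(SAMPLE_CONFIG):
        print(f"line {lineno}: rejected, would render as {render_hostname(raw)}")
```

Validation on input and encoding on output are independent controls: the allowlist keeps markup out of stored configuration, and the encoding keeps any value that slipped through from being interpreted as HTML.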
Evidence notes
The information provided is based on the CVE-2026-27870 record from the National Vulnerability Database (NVD) and other reliable sources. The vulnerability affects Regesta Smart HD-PLC - TLDPH16D2, version 11.02.05.10.02. The CVSS score and vector are also provided by the NVD. Additional details can be found in the references provided.
Official resources
- CVE-2026-27870 CVE record (CVE.org)
- CVE-2026-27870 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: ffb98d57-deaa-4918-a669-5225ccc13e39