CVE-2026-27870 is a medium-severity vulnerability in Regesta Smart HD-PLC by Teldat. An attacker with network access and registration privileges can inject arbitrary JavaScript via a Cross-site Scripting (XSS) payload in the 'Hostname' field of the configuration file. This results in an XSS vulnerability in the /upgrade/query.php?cmd=p+3%3Bversion path. The affected product is Regesta Smart HD-PLC - TLDPH [truncated]
CVE-2026-27869 is a medium-severity vulnerability in the Regesta Smart HD-PLC device by Teldat. An attacker with network access can exploit this vulnerability using a Slow Loris attack, causing a Denial of Service (DoS) on the device's web interface. The affected software version is 11.02.05.10.02. This issue was published on June 17, 2026, and last modified on the same day. The CVSS score for this vulner [truncated]
