Description
An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a information disclosure. This issue affects Regesta Smart HD-PLC - TLDPH16D2:
11.02.05.10.02.
Published: 2026-06-17
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Regesta Smart HD‑PLC device running firmware 11.02.05.10.02 contains an information‑disclosure flaw. An attacker with network access can invoke the /upgrade/query.php script using the harmless‑looking command parameter (cmd=p+3&3Bversion). Because the device does not require user registration for this operation, the request returns detailed version and system information, thereby exposing sensitive data. This vulnerability is a direct manifestation of CWE‑201, where internal information is inadvertently revealed.

Affected Systems

The affected product is Teldat’s Regesta Smart HD‑PLC – TLDPH16D2 model. Only firmware version 11.02.05.10.02 is vulnerable. The newer 11.02.06.00.02 firmware provided by Teldat already contains the fix. Devices run the old firmware on the network and are at risk.

Risk and Exploitability

The CVSS score of 6.9 classifies this flaw as moderate, and the EPSS score of less than 1% indicates a low likelihood of exploitation. However, the vulnerability is accessible over the network without authentication or registration and does not require special privileges, so an attacker could easily discover it. The flaw is not listed in CISA’s KEV catalog, but because it involves publicly disclosed sensitive information, remediation is still warranted.

Generated by OpenCVE AI on June 18, 2026 at 12:36 UTC.

Remediation

Vendor Solution

The provider has implemented the new version  11.02.06.00.02  which solves the security problems detected in the affected version. The end user has to download the new version in the Teldat - Client Support Portal and implement it in the device ( https://support.teldat.com/portal/supportcontent?page=cgs-customer-global-support&none=true&language=en-US ).


OpenCVE Recommended Actions

  • Update the device firmware to version 11.02.06.00.02 using the Teldat Client Support Portal.
  • Restrict network access to the Regesta Smart HD‑PLC by implementing firewall rules or VLAN segmentation, allowing only trusted management hosts to reach the device.
  • Disable the /upgrade/query.php endpoint or block the cmd parameter if configuration allows to prevent unintended information disclosure.

Generated by OpenCVE AI on June 18, 2026 at 12:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 11:45:00 +0000


Wed, 17 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 17 Jun 2026 09:45:00 +0000

Type Values Removed Values Added
Description An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a information disclosure. This issue affects Regesta Smart HD-PLC - TLDPH16D2: 11.02.05.10.02.
Title PUBLICATION OF SENSITIVE INFORMATION ON REGESTA SMART HD-PLC OF TELDAT
First Time appeared Teldat
Teldat regesta Smart Hd-plc - Tldph16d2
Weaknesses CWE-201
CPEs cpe:2.3:a:teldat:regesta_smart_hd-plc_-_tldph16d2:11.02.05.10.02:*:*:*:*:*:*:*
cpe:2.3:a:teldat:regesta_smart_hd-plc_-_tldph16d2:11.02.06.00.02:*:*:*:*:*:*:*
Vendors & Products Teldat
Teldat regesta Smart Hd-plc - Tldph16d2
References
Metrics cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Teldat Regesta Smart Hd-plc - Tldph16d2
cve-icon MITRE

Status: PUBLISHED

Assigner: HackRTU

Published:

Updated: 2026-07-01T11:16:53.423Z

Reserved: 2026-02-24T08:59:28.139Z

Link: CVE-2026-27868

cve-icon Vulnrichment

Updated: 2026-06-17T12:48:16.600Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-20T23:05:10Z

Weaknesses
  • CWE-201

    Insertion of Sensitive Information Into Sent Data