24 matches found
CVE-2026-21659
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...
CVE-2026-21658
Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the securit...
CVE-2026-21656
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21660
Summary: CVE-2026-21660 affects Frick Controls Quantum HD firmware prior to 10.22, with hardcoded email credentials stored in plaintext. This can lead to unauthorized access, exposure of sensitive information, and potential system compromise. The Red Hat advisory and related sources corroborate t...
CVE-2026-21657
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21658
Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the securit...
CVE-2026-21657
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21659
The CVE-2026-21659 entry describes an unauthenticated Remote Code Execution and Information Disclosure due to a Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD (versions prior to 10.22). Affected component is the Frick Quantum HD system; root cause is LFI le...
CVE-2026-21659 Johnson Controls -Frick Quantum HD-Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...
CVE-2026-21658 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution
Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the securit...
CVE-2026-21658
Johnson Controls Frick Controls Quantum HD is affected by CVE-2026-21658, an unauthenticated remote code execution (code injection) vulnerability caused by insufficient validation of input parameters. The issue allows code execution before authentication, impacting Quantum HD versions up to 10.22...
CVE-2026-21657
CVE-2026-21657 : Johnson Controls Frick Controls Quantum HD (versions 10.22 and earlier) contains an unauthenticated code injection flaw due to insufficient input validation in certain parameters, enabling code generation/execution before authentication. Multiple sources (NVD/Red Hat/EUVD/NVD eco...
CVE-2026-21657 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21657 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21656
CVE-2026-21656 affects Johnson Controls Frick Controls Quantum HD (versions 10.22 and prior). The issue is an improper validation of input leading to code injection , potentially enabling actions before authentication. This aligns with an unauthenticated remote code execution impact described acr...
CVE-2026-21656 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21656
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21656 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21654
CVE-2026-21654 affects Johnson Controls Frick Controls Quantum HD (versions up to 10.22). Root cause: improper neutralization/validation of input leading to OS Command Injection. Impact: pre-authentication remote code execution and potential full device compromise; affected components/parameters ...
CVE-2026-21654 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security o...