22 matches found
CVE-2026-4293
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...
CVE-2026-4293
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...
CVE-2026-4293
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...
PT-2026-42009
Name of the Vulnerable Software and Affected Versions Kieback & Peter DDC building controllers affected versions not specified Description Cross-site scripting XSS allows JavaScript to be executed by the victim's browser, enabling an attacker to control the browser. Recommendations At the moment,...
CVE-2025-6225
Kieback Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...
PT-2026-1655
Name of the Vulnerable Software and Affected Versions Kieback&Peter Neutrino-GLT versions prior to 9.40.02 Description The web component "SM70 PHWEB" of the Kieback&Peter Neutrino-GLT product, used for building management, contains a shell command injection flaw through the login form. Successful...
EUVD-2024-39161
Malicious code in bioql PyPI...
EUVD-2024-40462
Malicious code in bioql PyPI...
CVE-2024-41717
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow an unauthenticated attacker to read files on the system...
CVE-2024-43698 Kieback&Peter DDC4000 Series Use of Weak Credentials
Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system...
CVE-2024-43698 Kieback&Peter DDC4000 Series Use of Weak Credentials
Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system...
CVE-2024-43698
The CVE-2024-43698 issue affects Kieback&Peter DDC4000 series controllers (e.g., DDC4002, DDC4100, DDC4200, DDC4200-L, DDC4400, and their E versions) where the root cause is the use of weak credentials that may allow an unauthenticated attacker to obtain full administrator rights. Technical detai...
CVE-2024-43812 Kieback&Peter DDC4000 Series Path Traversal Insufficiently Protected Credentials
Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which may allow an unauthenticated attacker with access to /etc/passwd to read the password hashes of all users on the system...
CVE-2024-43812 Kieback&Peter DDC4000 Series Path Traversal Insufficiently Protected Credentials
Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which may allow an unauthenticated attacker with access to /etc/passwd to read the password hashes of all users on the system...
CVE-2024-41717 Kieback&Peter DDC4000 Series Path Traversal
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow an unauthenticated attacker to read files on the system...
CVE-2024-41717 Kieback&Peter DDC4000 Series Path Traversal
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow an unauthenticated attacker to read files on the system...
Kieback&Peter DDC4000 路径遍历漏洞
The Kieback&Peter DDC4000 is a building automation and control system from Kieback&Peter, a German company, that is used to manage and monitor various devices within a building. A path traversal vulnerability exists in the Kieback&Peter DDC4000 that originates from allowing an unauthenticated...
Kieback&Peter DDC4000 安全漏洞
The Kieback&Peter DDC4000 is a building automation and control system from Kieback&Peter, a German company, that is used to manage and monitor various devices in a building. A security vulnerability exists in the Kieback&Peter DDC4000 that stems from the use of weak credentials that could allow a...
Kieback&Peter DDC4000 安全漏洞
The Kieback&Peter DDC4000 is a building automation and control system from Kieback&Peter, Germany, that is used to manage and monitor various devices in a building. A security vulnerability exists in the Kieback&Peter DDC4000 that stems from the presence of insufficiently protected credentials,...
Kieback&Peter DDC4000 Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Kieback&Peter Equipment : DDC4000 Series Vulnerabilities : Path Traversal, Insufficiently Protected Credentials, Use of Weak Credentials 2. RISK EVALUATION Successful exploitation of these...