Johnsoncontrols Frick_controls_quantum_hd_firmware
6 CVEs affecting Johnsoncontrols Frick_controls_quantum_hd_firmware. Latest disclosed: 2026-02-27. Critical: 6, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-21660 | Critical | 9.8 | 2026-02-27 | Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22… |
CVE-2026-21659 | Critical | 9.8 | 2026-02-27 | Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD … |
CVE-2026-21658 | Critical | 9.8 | 2026-02-27 | Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD… |
CVE-2026-21657 | Critical | 9.8 | 2026-02-27 | Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient valid… |
CVE-2026-21656 | Critical | 9.8 | 2026-02-27 | Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient valid… |
CVE-2026-21654 | Critical | 9.8 | 2026-02-27 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows O… |