CVE-2026-21654 – Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

CVE ID : CVE-2026-21654

Published : 27. Februar 2026 08:38 | 33 Minuten ago

Description : Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection.This issue affects Frick Controls Quantum HD version 10.22 and prior.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-1434 – Reflected XSS in Omega-PSIR

CVE-2026-21660 – Johnson Controls-Frick Quantum HD-Hardcoded Email Credentials Saved as Plaintext in Firmware

CVE-2026-21659 – Johnson Controls -Frick Quantum HD-Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion

CVE-2026-1305 – Japanized for WooCommerce