Version of Command Centre affected:
* 9.50 prior to vCR9.50.260616a (distributed in 9.50.1587(MR1))
* 9.40 prior to vCR9.40.260616a (distributed in 9.40.3130(MR3))
* 9.30 prior to vCR9.30.260616a (distributed in 9.30.3983(MR5))
* 9.20 prior to vCR9.20.260616a (distributed in 9.20.4349(MR7))
* all versions of 9.10 and prior.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 16 Jul 2026 23:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncaught Exception Allows Operator to Trigger Controller Restart Resulting in Denial of Service |
Mon, 13 Jul 2026 22:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Operator Can Restart Gallagher Controller Causing Temporary Denial of Service |
Sun, 12 Jul 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Operator Can Restart Gallagher Controller Causing Temporary Denial of Service |
Sat, 11 Jul 2026 05:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Controller Diagnostic Interface Restart Denial of Service |
Fri, 10 Jul 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Controller Diagnostic Interface Restart Denial of Service |
Thu, 09 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncaught Exception in Diagnostic Web Interface Allows Controller Restart (Denial of Service) |
Wed, 08 Jul 2026 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncaught Exception in Diagnostic Web Interface Allows Controller Restart (Denial of Service) |
Wed, 08 Jul 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Operator Can Trigger Controller Restart Causing Temporary Denial of Service |
Tue, 07 Jul 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Operator Can Trigger Controller Restart Causing Temporary Denial of Service |
Tue, 07 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 07 Jul 2026 05:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Uncaught Exception (CWE-248) in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to trigger a Controller restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: * 9.50 prior to vCR9.50.260616a (distributed in 9.50.1587(MR1)) * 9.40 prior to vCR9.40.260616a (distributed in 9.40.3130(MR3)) * 9.30 prior to vCR9.30.260616a (distributed in 9.30.3983(MR5)) * 9.20 prior to vCR9.20.260616a (distributed in 9.20.4349(MR7)) * all versions of 9.10 and prior. | |
| Weaknesses | CWE-248 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Gallagher
Published:
Updated: 2026-07-07T13:36:54.335Z
Reserved: 2026-03-01T23:45:09.678Z
Link: CVE-2026-27844
Updated: 2026-07-07T13:36:50.650Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-16T23:15:08Z