Kieback & Peter · Sm70 Phweb · CVE-2025-6225
**Name of the Vulnerable Software and Affected Versions**
Kieback&Peter Neutrino-GLT versions prior to 9.40.02
**Description**
The web component "SM70 PHWEB" of the Kieback&Peter Neutrino-GLT product, used for building management, contains a shell command injection flaw through the login form. Successful exploitation allows execution of commands with low privileges.
**Recommendations**
Update to version 9.40.02 or later.