
JUMO: Allegro RomPager webserver vulnerability in JUMO mTRON T, DICON touch, AQUIS touch devices

VDE-2026-071
Last update
06/23/2026 12:00
Published at
06/23/2026 12:00
Vendor(s)
JUMO GmbH & Co. KG
External ID
VDE-2026-071

Summary

Multiple products from JUMO are affected by the Allegro RomPager webserver vulnerabilities CVE-2013-6786, CVE-2014-9222 and CVE-2014-9223. These vulnerabilities allow denial of service (DoS) of the device via the Misfortune Cookie attack and reflected XSS attacks.

Impact

DoS of the device via the Misfortune Cookie vulnerability.
The XSS vulnerability allows remote attackers to inject arbitrary web script or HTML.

Affected Product(s)

Model no.   Product name                            Affected versions
            JUMO AQUIS touch                        Firmware < 304.09.04
            JUMO DICON touch                        Firmware < 266.04.07
            JUMO mTRON T Central Processing Unit    Firmware < 248.05.02
            JUMO mTRON T Multifunction panel 840    Firmware < 249.05.03

Vulnerabilities

Published
06/23/2026 09:35
Weakness
DEPRECATED: Code (CWE-17)
Summary

AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.

Published
06/23/2026 09:35
Weakness
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
Summary

Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows remote attackers to inject arbitrary web script or HTML by requesting a nonexistent URI in conjunction with a crafted HTTP Referer header that is not properly handled in a 404 page. NOTE: there is no CVE for a "URL redirection" issue that some sources list separately.

Published
06/23/2026 09:35
Weakness
Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119)
Summary

Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei Home Gateway products and other vendors and products, allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors related to authorization.

Mitigation

Control access to the device's webserver by using a firewall to block traffic from untrusted networks.

Remediation

Update to the latest software version.
For the latest software version, please contact
support@jumo.net.

Fixed for:
- Version 248.05.02 for JUMO mTRON T Central Processing Unit
- Version 249.05.03 for JUMO mTRON T Multifunction panel 840
- Version 266.04.07 for JUMO DICON touch
- Version 304.09.04 for JUMO AQUIS touch
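The following is an added example, not part of the JUMO or CERT@VDE advisory, that checks a device inventory against the fixed versions listed above. The inventory rows and asset identifiers are constructed for illustration; the fixed version strings are the ones the advisory states. The point it makes beyond the list itself is that firmware versions such as 248.05.02 must be compared numerically per component, since a plain string comparison treats "248.5.1" as newer than "248.05.02".

```python
"""Added example (not from the advisory): flag JUMO devices whose firmware
is below the fixed versions given in VDE-2026-071."""

# Fixed versions exactly as stated in the advisory's "Fixed for" list.
FIXED_VERSIONS = {
    "JUMO mTRON T Central Processing Unit": "248.05.02",
    "JUMO mTRON T Multifunction panel 840": "249.05.03",
    "JUMO DICON touch": "266.04.07",
    "JUMO AQUIS touch": "304.09.04",
}


def parse_version(text):
    """Turn '248.05.02' into (248, 5, 2) so comparison is numeric.

    A lexical comparison would rank '248.5.1' above '248.05.02' because
    '5' > '0'; splitting on '.' and converting each part to int avoids that.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(product, version):
    """True if the product is named in the advisory and its firmware is
    below the fixed version; products not in the advisory return False."""
    fixed = FIXED_VERSIONS.get(product)
    if fixed is None:
        return False
    return parse_version(version) < parse_version(fixed)


def audit(inventory):
    """inventory: iterable of (asset_id, product, firmware) tuples.
    Returns the asset ids that still run affected firmware."""
    return [asset for asset, product, fw in inventory if is_affected(product, fw)]


# Constructed sample inventory (hypothetical asset ids and firmware values).
SAMPLE_INVENTORY = [
    ("cpu-01", "JUMO mTRON T Central Processing Unit", "248.05.01"),
    ("cpu-02", "JUMO mTRON T Central Processing Unit", "248.05.02"),
    ("panel-01", "JUMO mTRON T Multifunction panel 840", "249.5.1"),
    ("dicon-01", "JUMO DICON touch", "266.04.07"),
    ("aquis-01", "JUMO AQUIS touch", "304.09.03"),
    ("other-01", "JUMO other device (not in advisory)", "1.0.0"),
]

if __name__ == "__main__":
    for asset in audit(SAMPLE_INVENTORY):
        print(f"{asset}: affected, update required")
```

Run it as-is to see the three constructed assets that still need the update; in practice the inventory would come from an asset database or a configuration export.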

Acknowledgments

JUMO GmbH & Co. KG thanks the following parties for their efforts:

Revision History

Version   Date               Summary
1.0.0     06/23/2026 12:00   initial release