Denial of Service in Gallagher Controller 6000 and 7000 Diagnostic Web Interface
CVE-2026-27844

2.7LOW

Key Information:

Vendor

Gallagher

Vendor
CVE Published:
7 July 2026

What is CVE-2026-27844?

An uncaught exception in the diagnostic web interface of Gallagher's Controller 6000 and 7000 can be triggered by an authenticated operator, leading to a temporary denial of service. This issue impacts multiple versions of the Command Centre software, highlighting the importance of updating to the latest version to mitigate potential disruptions.

Affected Version(s)

Controller 7000 and 6000 0 <= 9.10

Controller 7000 and 6000 9.50

Controller 7000 and 6000 9.40

References

CVSS V3.1

Score:
2.7
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.