A vulnerability identified as critical has been detected in Nefteprodukttekhnika BUK TS-G Gas Station Automation System up to 2.10.2 on Linux. The affected element is an unknown function of the file /php/ajax-login.php of the component System Configuration Module . Performing a manipulation results in improper authentication. This vulnerability is reported as CVE-2026-12183 . The attack is possible to be carried out remotely. No exploit exists.