Jung-group Enet_smart_home
4 CVEs affecting Jung-group Enet_smart_home. Latest disclosed: 2026-02-15. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26369 | Critical | 9.8 | 2026-02-15 | eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC meth… |
CVE-2026-26366 | Critical | 9.8 | 2026-02-15 | eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials (user:user, admin:admin) that remain active after installation and commissioning without… |
CVE-2026-26368 | High | 8.8 | 2026-02-15 | eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the resetUserPassword JSON-RPC method that allows any authenticated lo… |
CVE-2026-26367 | High | 8.1 | 2026-02-15 | eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the deleteUserAccount JSON-RPC method that permits any authenticated l… |