6 matches found
CVE-2026-22885
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in a memory leak from the program's memory...
CVE-2026-22885 EnOcean SmartServer IoT Out-of-bounds Read
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in a memory leak from the program's memory...
CVE-2026-20761 EnOcean SmartServer IoT Command Injection
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...
CVE-2026-20761
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...
CVE-2026-20761 EnOcean SmartServer IoT Command Injection
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...
EnOcean SmartServer IoT 命令注入漏洞
EnOcean SmartServer IoT is a multi-protocol IoT edge server developed by the German company EnOcean. Versions of EnOcean SmartServer IoT prior to 4.60.009 contain a command injection vulnerability. This vulnerability arises from improper handling of specially crafted IP-852 messages, which may...