CVE-2026-22885 EnOcean SmartServer IoT Out-of-bounds Read

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in a memory leak from the program's memory...

CVE-2026-22885 EnOcean SmartServer IoT Out-of-bounds Read

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in a memory leak from the program's memory...

CVE-2026-20761 EnOcean SmartServer IoT Command Injection

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...

PT-2026-21022

Name of the Vulnerable Software and Affected Versions EnOcean SmartServer IoT versions prior to 4.60.009 Description A flaw exists that could allow remote attackers to cause a memory leak. This can occur by sending specially crafted IP-852 messages within LON IP-852 management messages...

EnOcean SmartServer IoT 命令注入漏洞

EnOcean SmartServer IoT is a multi-protocol IoT edge server developed by the German company EnOcean. Versions of EnOcean SmartServer IoT prior to 4.60.009 contain a command injection vulnerability. This vulnerability arises from improper handling of specially crafted IP-852 messages, which may...