13 matches found
📄 eNet SMART HOME 2.3.1 Privilege Escalation
The eNet Smart Home device firmware versions 2.3.1 build 46841 and 2.2.1 build 46056 exposes JSON‑RPC management methods that may allow authenticated low‑privileged users to perform unauthorized administrative actions. Improper server‑side authorization controls on the /jsonrpc/management endpoin...
CVE-2026-26369
eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...
📄 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation
The eNet Smart Home system suffers from a privilege escalation vulnerability due to insufficient authorization checks in the JSON-RPC endpoint for user management. A low-privileged user, can exploit the setUserGroup method by sending a crafted POST request to /jsonrpc/management, specifying their...
CVE-2026-26369
eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...
CVE-2026-26369
eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...
CVE-2026-26369 JUNG eNet SMART HOME server 2.2.1/2.3.1 Privilege Escalation via setUserGroup
eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...
CVE-2026-26369
eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...
EUVD-2026-6140
eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...
CVE-2026-26369
CVE-2026-26369 affects eNet SMART HOME server versions 2.2.1 and 2.3.1. The issue is a privilege escalation in the setUserGroup JSON-RPC method caused by insufficient authorization checks. A low-privileged user (UG_USER) can send a crafted POST to /jsonrpc/management specifying their username to ...
CVE-2026-26369 JUNG eNet SMART HOME server 2.2.1/2.3.1 Privilege Escalation via setUserGroup
eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...
eNet SMART HOME server 安全漏洞
The eNet SMART HOME server is a wireless smart home console developed by the German company eNet. There are security vulnerabilities in the eNet SMART HOME server 2.2.1 and 2.3.1 versions. These vulnerabilities stem from insufficient authorization checks in the setUserGroup JSON-RPC method, which...
PT-2026-8253
Name of the Vulnerable Software and Affected Versions eNet SMART HOME server versions 2.2.1 and 2.3.1 Description The eNet SMART HOME server is affected by a privilege escalation issue. Insufficient authorization checks within the setUserGroup JSON-RPC method allow a low-privileged user UG USER t...
eNet SMART HOME server 2.3.1 (setUserGroup) Remote Privilege Escalation
Summary Two German specialists in building systems technology are jointly bringing a new, wireless-based smart home system to the market. Gira and JUNG are the companies behind the eNet SMART HOME brand with our subsidiary, INSTA, responsible for developing the system. All three of us are old han...