4 matches found
CVE-2026-26366
eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials user:user, admin:admin that remain active after installation and commissioning without enforcing a mandatory password change. Unauthenticated attackers can use these default credentials to gain administrative access to sensitiv...
CVE-2026-26366
The CVE-2026-26366 entry concerns JUNG eNet SMART HOME server versions 2.2.1 and 2.3.1. The available documents state that these builds ship with default credentials (user:user, admin:admin) that remain active after installation, allowing unauthenticated attackers to gain administrative access to...
PT-2026-8252
Name of the Vulnerable Software and Affected Versions eNet SMART HOME server versions 2.2.1 and 2.3.1 Description The software contains a missing authorization flaw in the resetUserPassword JSON-RPC method. An authenticated, low-privileged user UG USER can reset the passwords of any account,...
PT-2026-8250
Name of the Vulnerable Software and Affected Versions eNet SMART HOME server versions 2.2.1 and 2.3.1 Description The eNet SMART HOME server is affected by a default credentials issue. The server ships with default credentials 'user:user', 'admin:admin' that remain active after installation and...