Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/15 3:29 p.m.2 views

CVE-2026-26366

eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials user:user, admin:admin that remain active after installation and commissioning without enforcing a mandatory password change. Unauthenticated attackers can use these default credentials to gain administrative access to sensitiv...

9.8CVSS5.5AI score0.00652EPSS
Exploits2References3
CVE
CVE
added 2026/02/15 3:29 p.m.19 views

CVE-2026-26366

The CVE-2026-26366 entry concerns JUNG eNet SMART HOME server versions 2.2.1 and 2.3.1. The available documents state that these builds ship with default credentials (user:user, admin:admin) that remain active after installation, allowing unauthenticated attackers to gain administrative access to...

9.8CVSS5.5AI score0.00652EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/15 12:0 a.m.14 views

PT-2026-8252

Name of the Vulnerable Software and Affected Versions eNet SMART HOME server versions 2.2.1 and 2.3.1 Description The software contains a missing authorization flaw in the resetUserPassword JSON-RPC method. An authenticated, low-privileged user UG USER can reset the passwords of any account,...

8.8CVSS5.5AI score0.00529EPSS
Exploits2References12
Positive Technologies
Positive Technologies
added 2026/02/15 12:0 a.m.7 views

PT-2026-8250

Name of the Vulnerable Software and Affected Versions eNet SMART HOME server versions 2.2.1 and 2.3.1 Description The eNet SMART HOME server is affected by a default credentials issue. The server ships with default credentials 'user:user', 'admin:admin' that remain active after installation and...

9.8CVSS5.4AI score0.00652EPSS
Exploits2References11
Rows per page
Query Builder