CVE-2026-26368

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-26368
eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the resetUserPassword JSON-RPC method that allows any authenticated low-privileged user (UG_USER) to reset the password of arbitrary accounts, including those in the UG_ADMIN and UG_SUPER_ADMIN groups, without supplying the current password or having sufficient privileges. By sending a crafted JSON-RPC request to /jsonrpc/management, an attacker can overwrite existing credentials, resulting in direct account takeover with full administrative access and persistent privilege escalation.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.vulncheck.com/advisories/jung-enet-smart-home-server-account-takeover-via-r Broken Link
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5974.php Third Party Advisory Exploit
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:jung-group:enet_smart_home:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:jung-group:enet_smart_home:2.3.1:*:*:*:*:*:*:*
History

28 Feb 2026, 01:33

Type Values Removed Values Added
First Time Jung-group enet Smart Home
Jung-group
CPE cpe:2.3:a:jung-group:enet_smart_home:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:jung-group:enet_smart_home:2.2.1:*:*:*:*:*:*:*
References () https://www.vulncheck.com/advisories/jung-enet-smart-home-server-account-takeover-via-r - () https://www.vulncheck.com/advisories/jung-enet-smart-home-server-account-takeover-via-r - Broken Link
References () https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5974.php - () https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5974.php - Third Party Advisory, Exploit

18 Feb 2026, 17:52

Type Values Removed Values Added
Summary
  • (es) eNet SMART HOME servidor 2.2.1 y 2.3.1 contiene una vulnerabilidad de autorización faltante en el método JSON-RPC resetUserPassword que permite a cualquier usuario autenticado con bajos privilegios (UG_USER) restablecer la contraseña de cuentas arbitrarias, incluidas las de los grupos UG_ADMIN y UG_SUPER_ADMIN, sin proporcionar la contraseña actual o tener privilegios suficientes. Al enviar una solicitud JSON-RPC manipulada a /jsonrpc/management, un atacante puede sobrescribir credenciales existentes, lo que resulta en una toma de control directa de la cuenta con acceso administrativo completo y escalada de privilegios persistente.

15 Feb 2026, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-15 16:15

Updated : 2026-02-28 01:33

NVD link : CVE-2026-26368

Mitre link : CVE-2026-26368

CVE.ORG link : CVE-2026-26368

JSON object : View

Products Affected

jung-group

  • enet_smart_home
CWE
CWE-862

Missing Authorization