JUNG eNet SMART HOME server 2.2.1/2.3.1 Use of Default Credentials

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials (user:user, admin:admin) that remain active after installation and commissioning without enforcing a mandatory password change. Unauthenticated attackers can use these default credentials to gain administrative access to sensitive smart home configuration and control functions.

AI Analysis

Use of default credentials in eNet SMART HOME server 2.2.1 and 2.3.1 allows unauthenticated attackers to gain administrative access

Basic Information

ID CVE-2026-26366

Source VulnCheck

Published Feb 15, 2026 at 15:29

Affected Product

Vendor JUNG

Product eNet SMART HOME server

Version 2.3.1 (46841)

Affected Versions JUNG eNet SMART HOME server 2.3.1 (46841)
JUNG eNet SMART HOME server 2.2.1 (46056)

CWE Classification

CWE-1392

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor JUNG

Product eNet SMART HOME server

Version 2.2.1, 2.3.1

References

{
    "lastseen": "",
    "description": "eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials (user:user, admin:admin) that remain active after installation and commissioning without enforcing a mandatory password change. Unauthenticated attackers can use these default credentials to gain administrative access to sensitive smart home configuration and control functions.",
    "published": "2026-02-15T15:29:53.866Z",
    "modified": "2026-02-15T15:29:53.866Z",
    "type": "cve",
    "title": "JUNG eNet SMART HOME server 2.2.1/2.3.1 Use of Default Credentials",
    "source": "VulnCheck",
    "references": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5972.php\nhttps://www.vulncheck.com/advisories/jung-enet-smart-home-server-use-of-default-credent",
    "id": "CVE-2026-26366",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1392"
    ],
    "cvelist": null,
    "sourceData": "JUNG eNet SMART HOME server 2.3.1 (46841)\nJUNG eNet SMART HOME server 2.2.1 (46056)",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "eNet SMART HOME server",
    "version": "2.3.1 (46841)",
    "vendor": "JUNG",
    "ai_description": "Use of default credentials in eNet SMART HOME server 2.2.1 and 2.3.1 allows unauthenticated attackers to gain administrative access",
    "ai_severity": "Critical",
    "ai_vendor": "JUNG",
    "ai_product": "eNet SMART HOME server",
    "ai_version": "2.2.1, 2.3.1",
    "ai_score": 9.3
}

JUNG eNet SMART HOME server 2.2.1/2.3.1 Use of Default Credentials_CVE-2026-26366