Skip to main content

Smart Visu Server Firmware CVE-2026-26235

HIGH
Missing Authentication for Critical Function (CWE-306)
2026-02-12 disclosure@vulncheck.com
Denial Of Service Smart Visu Server Firmware
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 22:02 vuln.today
PoC Detected
Feb 20, 2026 - 19:52 vuln.today
Public exploit code
CVE Published
Feb 12, 2026 - 04:15 nvd
HIGH 7.5

DescriptionCVE.org

JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerability that allows unauthenticated attackers to remotely shutdown or reboot the server. Attackers can send a single POST request to trigger the server reboot without requiring any authentication.

AnalysisAI

JUNG Smart Visu Server 1.1.1050 can be forcibly shut down or rebooted by unauthenticated remote attackers through a single POST request, causing service disruption. Public exploit code exists for this denial of service vulnerability, and no patch is currently available to address the authentication bypass.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious POST request
Exploit
Send to JUNG Smart Visu Server endpoint
Execution
Trigger unauthenticated reboot function
Impact
Server becomes unavailable
Sign in to reveal

Vulnerability AssessmentAI

Exploitation No special conditions — remote unauthenticated exploitation against JUNG Smart Visu Server 1.1.1050 with default configurations accepting POST requests to reboot endpoints. Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 7.5 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A remote attacker without authentication could exploit this vulnerability to remotely shutdown or reboot the server.
Remediation Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Inventory all JUNG Smart Visu Server 1.1.1050 instances and restrict network access to trusted sources only. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-26235 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy