CVE-2026-26235

HIGH

JUNG Smart Visu Server 1.1.1050 - DoS

Title source: llm

Description

JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerability that allows unauthenticated attackers to remotely shutdown or reboot the server. Attackers can send a single POST request to trigger the server reboot without requiring any authentication.

Exploits (2)

github WORKING POC 10 stars

by XiaomingX · pythonpoc

https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-26235

View Code ZIP pw:eip

nomisec WORKING POC

by mbanyamer · poc

https://github.com/mbanyamer/CVE-2026-26235-JUNG-Smart-Visu-Server-Unauthenticated-Reboot-Shutdown

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://www.vulncheck.com/advisories/jung-smart-visu-server-jung-smart-visu-server-missing-authentication

[Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5971.php

Scores

CVSS v3 7.5

EPSS 0.0040

EPSS Percentile 60.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-306

Status published

Products (1)

jung-group/smart_visu_server_firmware < 1.1.1050

Published Feb 12, 2026

Tracked Since Feb 18, 2026