Main Vulnerability Database SB2026011526

SB2026011526 - Improper Authentication in Enel X JuiceBox 40

Published: January 15, 2026

Security Bulletin ID SB2026011526

Severity

Medium

Patch available

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Authentication (CVE-ID: CVE-2026-0778)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error when processing authentication requests within the telnet service. A remote attacker on the local network can bypass authentication process and execute arbitrary code on the target system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://www.zerodayinitiative.com/advisories/ZDI-26-041/