SB2026011526 - Improper Authentication in Enel X JuiceBox 40
Published: January 15, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper Authentication (CVE-ID: CVE-2026-0778)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when processing authentication requests within the telnet service. A remote attacker on the local network can bypass authentication process and execute arbitrary code on the target system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.