{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26234", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-02-12T01:23:58.228Z", "datePublished": "2026-02-12T02:31:11.882Z", "dateUpdated": "2026-03-05T01:31:03.341Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-05T01:31:03.341Z"}, "datePublic": "2026-02-12T00:00:00.000Z", "title": "JUNG Smart Visu Server - Improper Neutralization of HTTP Headers for Scripting Syntax", "descriptions": [{"lang": "en", "value": "JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of HTTP Headers for Scripting Syntax", "cweId": "CWE-644", "type": "CWE"}]}], "affected": [{"vendor": "ALBRECHT JUNG GMBH & CO. KG", "product": "JUNG Smart Visu Server", "versions": [{"version": "1.1.1050", "status": "affected"}, {"version": "1.0.905", "status": "affected"}, {"version": "1.0.832", "status": "affected"}, {"version": "1.0.830", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:jung-group:smart_visu_server_firmware:1.1.1050:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5970.php", "name": "Zero Science Lab Vulnerability Advisory", "tags": ["third-party-advisory"]}, {"name": "VulnCheck Advisory: JUNG Smart Visu Server - Improper Neutralization of HTTP Headers for Scripting Syntax", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/jung-smart-visu-server-improper-neutralization-of-http-headers-for-scripting-syntax"}], "credits": [{"lang": "en", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5970.php", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-12T15:31:24.199585Z", "id": "CVE-2026-26234", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T15:31:27.747Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26234", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-12T15:31:24.199585Z"}}}], "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5970.php", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T15:31:16.954Z"}}], "cna": {"title": "JUNG Smart Visu Server - Improper Neutralization of HTTP Headers for Scripting Syntax", "credits": [{"lang": "en", "type": "finder", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "ALBRECHT JUNG GMBH & CO. KG", "product": "JUNG Smart Visu Server", "versions": [{"status": "affected", "version": "1.1.1050"}, {"status": "affected", "version": "1.0.905"}, {"status": "affected", "version": "1.0.832"}, {"status": "affected", "version": "1.0.830"}]}], "datePublic": "2026-02-12T00:00:00.000Z", "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5970.php", "name": "Zero Science Lab Vulnerability Advisory", "tags": ["third-party-advisory"]}, {"url": "https://www.vulncheck.com/advisories/jung-smart-visu-server-improper-neutralization-of-http-headers-for-scripting-syntax", "name": "VulnCheck Advisory: JUNG Smart Visu Server - Improper Neutralization of HTTP Headers for Scripting Syntax", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-644", "description": "Improper Neutralization of HTTP Headers for Scripting Syntax"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-02-12T02:31:11.882Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26234", "state": "PUBLISHED", "dateUpdated": "2026-02-12T15:31:27.747Z", "dateReserved": "2026-02-12T01:23:58.228Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-02-12T02:31:11.882Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:jung-group:smart_visu_server_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A6F6D45-15C5-4CDD-8652-51706EDD87D1", "versionEndIncluding": "1.1.1050", "versionStartIncluding": "1.0.830", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:jung-group:smart_visu_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "B72946C8-4DEB-44E6-A22B-21AD3AC95A93", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains."}, {"lang": "es", "value": "JUNG Smart Visu Server 1.1.1050 contiene una vulnerabilidad de manipulaci\u00f3n de encabezado de solicitud que permite a atacantes no autenticados anular URL de solicitud inyectando valores arbitrarios en el encabezado X-Forwarded-Host. Los atacantes pueden manipular solicitudes proxy para generar respuestas contaminadas, lo que permite el envenenamiento de cach\u00e9, posible phishing y redirigir a los usuarios a dominios maliciosos."}], "id": "CVE-2026-26234", "lastModified": "2026-02-20T15:14:52.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-02-12T04:15:47.600", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/jung-smart-visu-server-improper-neutralization-of-http-headers-for-scripting-syntax"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory", "Exploit"], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5970.php"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Third Party Advisory", "Exploit"], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5970.php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-644"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1.1050"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0.905"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0.832"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0.830"}}], "product": "jung_smart_visu_server", "vendor": "albrecht_jung"}], "analysis": {"en": {"generated_at": "2026-04-16T17:12:59.068711+00:00", "value": {"mitigation_remediation": ["Apply vendor patch to update Jung Smart Visu Server to the latest version.", "Configure the server or reverse proxy to ignore or sanitize the X-Forwarded-Host header to prevent URL overrides.", "Restrict proxy header usage by limiting or disabling the X-Forwarded-Host header in inbound traffic."], "summary": {"action": "Immediate Patch", "impact": "Cache poisoning and malicious redirection leading to phishing"}, "threat_synthesis": {"affected_systems": "The affected product is Jung Smart Visu Server from Albrecht Jung GmbH & Co. KG. The CVE references version 1.1.1050 of the server software and the corresponding firmware bundle. Systems running this exact firmware release are impacted unless a later, patched release is deployed. No other product versions were explicitly listed in the advisory.", "description_and_impact": "JUNG Smart Visu Server 1.1.1050 is vulnerable to request header manipulation, allowing an attacker to inject arbitrary values into the X-Forwarded-Host header. This improper neutralization permits the attacker to override the intended request URL. The result is that the server will forward the request to a user-supplied host, potentially delivering tainted content, triggering cache-poisoned responses, or redirecting clients to malicious domains. The vulnerability is not limited to authenticated users; any entity that can send HTTP requests to the server may exploit it, providing a path to phishing or cache-based attacks.", "risk_and_exploitability": "The CVSS base score of 8.7 classifies the vulnerability as High. EPSS indicates a sub-1% chance of exploitation, suggesting it is low-probability, but the lack of a KEV listing implies it is currently unconfirmed or not widely exploited. Attackers can exploit the flaw by sending crafted HTTP requests containing a malicious X-Forwarded-Host value, which does not require authentication or privileged access. Successful exploitation allows an attacker to control the target host presented to downstream systems and end users, enabling cache poisoning, phishing, and arbitrary user redirection."}}}}, "created": "2026-02-12T09:02:02.809786+00:00", "updated": "2026-04-16T17:15:17.994535+00:00", "vendors": ["albrecht_jung", "albrecht_jung$PRODUCT$jung_smart_visu_server"]}