cvedb.io
CVE-2026-20761
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2026-02-20T16:22:32.243 · Last modified 2026-06-17T10:17:46.290

Summary

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.