Medium severity5.3NVD Advisory· Published Feb 10, 2026· Updated Apr 15, 2026
CVE-2026-25872
CVE-2026-25872
Description
JUNG Smart Panel KNX firmware version L1.12.22 and prior contain an unauthenticated path traversal vulnerability in the embedded web interface. The application fails to properly validate file path input, allowing remote, unauthenticated attackers to access arbitrary files on the underlying filesystem within the context of the web server. This may result in disclosure of system configuration files and other sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <= L1.12.22
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.