
JUNG Smart Panel 5.1 KNX Unauthenticated Absolute File Path Traversal

Critical
Advisory ID
ZSL-2026-5969
Release Date
10 February 2026
Vendor
ALBRECHT JUNG GMBH & CO. KG - https://www.jung-group.com, https://www.jung.de
Affected Version
L1.12.22
Tested On
GNU/Linux 3.0.35-1.1.0
Summary

The JUNG Smart Panel 5.1 KNX is a flush-mounted 5-inch touch-sensitive controller designed for managing smart building automation via the KNX system. It serves as an intuitive, centralized interface for controlling lighting, shading, heating, and security, utilizing a 640 x 480-pixel color TFT screen running on embedded Linux.

Description

The controller suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server.

Proof of Concept
Disclosure Timeline
06.02.2026: Vulnerability discovered.
07.02.2026: Vendor contacted.
09.02.2026: No response from the vendor.
10.02.2026: Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
10.02.2026: Initial release
12.02.2026: Added reference [3]