CVE-2026-0778
Unknown Unknown - Not Provided
Unauthenticated Remote Code Execution in Enel X JuiceBox 40 Telnet

Publication date: 2026-01-23

Last updated on: 2026-01-23

Assigner: Zero Day Initiative

Description
Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telnet service, which listens on TCP port 2000 by default. The issue results from the lack of authentication prior to allowing remote connections. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-23285.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-23
Last Modified
2026-01-23
Generated
2026-05-07
AI Q&A
2026-01-23
EPSS Evaluated
2026-05-05
NVD
CVE-2026-0778
EUVD
EUVD-2026-4454
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
enel_x juicebox_40 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-0778 is a remote code execution vulnerability in the Enel X JuiceBox 40 charging stations. The issue is in the Telnet service running on TCP port 2000, which does not require any authentication. This allows an attacker on the same network to connect without credentials and execute arbitrary code with the privileges of the service account. [1]


How can this vulnerability impact me? :

This vulnerability can allow an attacker to execute arbitrary code remotely on the affected device without authentication. This can lead to full compromise of the device, impacting confidentiality, integrity, and availability of the system and potentially the network it is connected to. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by scanning your network for devices running the Enel X JuiceBox 40 Telnet service on TCP port 2000. You can use network scanning tools such as nmap with the command: nmap -p 2000 --open <target-ip-range>. If port 2000 is open and the service responds without requiring authentication, the device may be vulnerable. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting network access to TCP port 2000 on Enel X JuiceBox 40 devices to trusted hosts only, disabling the Telnet service if possible, or applying any available patches or updates from the vendor that address the authentication issue. Additionally, monitoring network traffic for unauthorized connections to port 2000 can help detect exploitation attempts. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart