CVE-2026-26369

eNet · SMART HOME server

A privilege escalation vulnerability in the setUserGroup JSON-RPC method allows low-privileged users to gain administrative control by sending crafted POST requests to the management endpoint.

Executive summary

A critical privilege escalation vulnerability in eNet SMART HOME server versions 2.2.1 and 2.3.1 allows low-privileged users to bypass access controls and gain full administrative capabilities.

Vulnerability

The flaw is an authorization failure in the setUserGroup JSON-RPC method: the server accepts the call from any authenticated session instead of verifying that the caller is entitled to change group membership. An authenticated attacker in the UG_USER group can submit a crafted POST request to /jsonrpc/management that invokes setUserGroup and moves their own account into the UG_ADMIN group.
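The following model illustrates the class of bug described above. It is an added example, not eNet code: the JSON-RPC parameter names ("user", "group"), the session model, the user store and the error codes are assumptions. Only the method name setUserGroup and the group names UG_USER and UG_ADMIN come from the advisory. The vulnerable handler checks only that the caller is logged in; the hardened handler additionally requires the caller's stored group to be UG_ADMIN before any change is made.

```python
"""Model of an authorization failure in a JSON-RPC 'setUserGroup' method.

Added illustration, not eNet code. Parameter names ("user", "group"),
the session model and the error codes are assumed. Only the method name
and the group names UG_USER / UG_ADMIN come from the advisory.
"""
import json

UG_USER = "UG_USER"
UG_ADMIN = "UG_ADMIN"
VALID_GROUPS = {UG_USER, UG_ADMIN}


def make_users():
    # Constructed sample user store: one administrator, one ordinary user.
    return {"admin": UG_ADMIN, "guest": UG_USER}


def set_user_group_vulnerable(users, session_user, params):
    """Authentication only: any logged-in account may change any group."""
    if session_user not in users:
        return {"error": {"code": -32001, "message": "not authenticated"}}
    target, group = params.get("user"), params.get("group")
    if target not in users or group not in VALID_GROUPS:
        return {"error": {"code": -32602, "message": "invalid params"}}
    users[target] = group
    return {"result": {"user": target, "group": group}}


def set_user_group_hardened(users, session_user, params):
    """Authorization enforced server-side: only a caller whose *stored*
    group is UG_ADMIN may call this. The decision never relies on a
    client-supplied claim about the caller's role."""
    if session_user not in users:
        return {"error": {"code": -32001, "message": "not authenticated"}}
    if users[session_user] != UG_ADMIN:
        return {"error": {"code": -32003, "message": "forbidden"}}
    target, group = params.get("user"), params.get("group")
    if target not in users or group not in VALID_GROUPS:
        return {"error": {"code": -32602, "message": "invalid params"}}
    users[target] = group
    return {"result": {"user": target, "group": group}}


def dispatch(handler, users, session_user, raw_body):
    """Minimal JSON-RPC 2.0 dispatcher for the single method of interest."""
    req = json.loads(raw_body)
    resp = {"jsonrpc": "2.0", "id": req.get("id")}
    if req.get("jsonrpc") != "2.0" or req.get("method") != "setUserGroup":
        resp["error"] = {"code": -32601, "message": "method not found"}
        return resp
    resp.update(handler(users, session_user, req.get("params") or {}))
    return resp


# Constructed request body: the UG_USER account "guest" tries to promote itself.
ESCALATION_REQUEST = json.dumps({
    "jsonrpc": "2.0", "id": 1, "method": "setUserGroup",
    "params": {"user": "guest", "group": UG_ADMIN},
})


def run_scenario(handler):
    """Apply the escalation request as 'guest'; return (response, guest's group)."""
    users = make_users()
    resp = dispatch(handler, users, "guest", ESCALATION_REQUEST)
    return resp, users["guest"]


if __name__ == "__main__":
    for name, handler in (("vulnerable", set_user_group_vulnerable),
                          ("hardened", set_user_group_hardened)):
        resp, final_group = run_scenario(handler)
        print(f"{name:10s} -> guest is now {final_group}: {resp}")
```

The point of the comparison is where the check lives: the hardened handler consults the server's own record of the caller's group, so a request body can say anything it likes without affecting the outcome.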

Business impact

A successful exploit grants the attacker full administrative control of the smart home installation, including device configuration, network settings, and security functions. The vulnerability carries a CVSS score of 9.8 (Critical). Because the server manages physical devices, unauthorized administrative access can translate into physical security breaches or persistent surveillance of the premises.

Remediation

Immediate Action: Update the eNet SMART HOME server software from the affected versions (2.2.1 and 2.3.1) to the latest version available from the vendor, which corrects the authorization check in the setUserGroup JSON-RPC method.

Proactive Monitoring: Review server logs for POST requests to /jsonrpc/management that invoke setUserGroup, in particular calls made from sessions outside the UG_ADMIN group or calls that assign an account to UG_ADMIN. Also audit the current membership of UG_ADMIN and remove any account that should not be there, since a successful exploit leaves a persistent administrator rather than a transient session.

Compensating Controls: Restrict network access to the management interface to trusted internal segments. A Web Application Firewall can inspect JSON-RPC bodies sent to /jsonrpc/management and block or alert on setUserGroup calls, but a WAF generally cannot tell an administrator's session from a user's, so it is a stopgap that reduces exposure rather than a substitute for the vendor fix.
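To make the monitoring guidance above concrete, here is an added example (not an eNet artefact) that runs the suggested review over a constructed log excerpt. It assumes a log format in which each request is recorded with a timestamp, client IP, authenticated user and group, HTTP verb, path and the JSON-RPC body; real eNet logs may differ and may not include request bodies at all, in which case body logging at a reverse proxy in front of the server is the usual way to obtain them. The parameter names "user" and "group" are assumed.

```python
"""Review of management-endpoint logs for suspicious setUserGroup calls.

Added example, not an eNet artefact. The log format below is assumed
(timestamp, client IP, user=..., group=..., verb, path, JSON-RPC body),
as are the JSON-RPC parameter names "user" and "group". The log content
is constructed for illustration.
"""
import json
import re

ENDPOINT = "/jsonrpc/management"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) user=(?P<user>\S+) group=(?P<group>\S+) "
    r"(?P<verb>[A-Z]+) (?P<path>\S+) (?P<body>\{.*\})$"
)

# Constructed sample log: a legitimate admin change, a self-escalation
# attempt by a UG_USER account, an unauthorized change of another account
# by that same UG_USER, and one line whose body is not valid JSON.
SAMPLE_LOG = """\
2026-03-01T10:14:58Z 192.168.1.10 user=admin group=UG_ADMIN POST /jsonrpc/management {"jsonrpc":"2.0","id":7,"method":"setUserGroup","params":{"user":"bob","group":"UG_USER"}}
2026-03-01T10:15:02Z 192.168.1.50 user=guest group=UG_USER POST /jsonrpc/management {"jsonrpc":"2.0","id":1,"method":"setUserGroup","params":{"user":"guest","group":"UG_ADMIN"}}
2026-03-01T10:15:05Z 192.168.1.50 user=guest group=UG_USER POST /jsonrpc/management {"jsonrpc":"2.0","id":2,"method":"setUserGroup","params":{"user":"bob","group":"UG_USER"}}
2026-03-01T10:15:09Z 192.168.1.77 user=guest group=UG_USER POST /jsonrpc/management {"jsonrpc":"2.0","id":3,"method":"setUserGroup","params":{"user":"guest",}}
"""


def parse_line(line):
    """Return (fields, rpc) for a POST to the management endpoint.

    Returns None for lines that do not match the format or target another
    verb/path; rpc is None when the body is present but not valid JSON."""
    m = LINE_RE.match(line)
    if not m:
        return None
    fields = m.groupdict()
    if fields["verb"] != "POST" or fields["path"] != ENDPOINT:
        return None
    try:
        rpc = json.loads(fields["body"])
    except json.JSONDecodeError:
        rpc = None
    return fields, rpc


def detect(lines):
    """Flag setUserGroup calls that warrant review.

    Returns (findings, unparsed). A call is flagged when the calling session
    is not UG_ADMIN (the condition the advisory describes) or when it assigns
    UG_ADMIN to anyone (legitimate, but worth confirming). 'unparsed' counts
    endpoint POSTs whose body failed to decode; those deserve a manual look."""
    findings, unparsed = [], 0
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        fields, rpc = parsed
        if rpc is None:
            unparsed += 1
            continue
        if rpc.get("method") != "setUserGroup":
            continue
        params = rpc.get("params") or {}
        reasons = []
        if fields["group"] != "UG_ADMIN":
            reasons.append("setUserGroup called by non-admin session")
        if params.get("group") == "UG_ADMIN":
            reasons.append("request assigns UG_ADMIN")
        if reasons:
            findings.append({
                "ts": fields["ts"], "ip": fields["ip"], "user": fields["user"],
                "target": params.get("user"), "reasons": reasons,
            })
    return findings, unparsed


if __name__ == "__main__":
    found, bad = detect(SAMPLE_LOG.splitlines())
    for f in found:
        print(f"{f['ts']} {f['ip']} {f['user']} -> {f['target']}: {'; '.join(f['reasons'])}")
    print(f"{bad} request(s) with undecodable body")
```

A non-admin session calling setUserGroup at all is the signal to act on, regardless of the target group, because on a patched server such a call should be rejected and on an unpatched one it indicates active exploitation. Admin-initiated grants of UG_ADMIN are reported too so that the administrator group's membership can be reconciled against expectations.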

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability represents a severe risk to the integrity and privacy of the smart home environment. The ability of a standard user to elevate themselves to administrator without server-side validation is a fundamental security failure. Administrators should apply the vendor-provided security update immediately, and, because the flaw is in an authenticated management method, should also verify that no unexpected accounts already hold UG_ADMIN membership.