Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings (e.g., enabling SSH), allowing unauthorized state changes that can facilitate later compromise.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NAnviz Cx2 Lite
HWAnvizwszystkie wersjeAnviz Cx2 Lite Firmware
OSAnvizwszystkie wersjeAnviz Cx7
HWAnvizwszystkie wersjeAnviz Cx7 Firmware
OSAnvizwszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2026-35546CRITICAL9.8PL ✓ten sam produkt
Nieautoryzowane przesyłanie firmware w urządzeniach Anviz CX2 Lite i CX7
CVE-2026-32324HIGH7.7ten sam produkt
Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling ...
CVE-2026-35682HIGH8.8ten sam produkt
Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbi...
CVE-2026-40066HIGH8.8ten sam produkt
Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The device unpacks ...
CVE-2026-35061MEDIUM5.3ten sam produkt
Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authe...