ГлавнаяУязвимости → CVE-2026-40461
7.5высокая

CVE-2026-40461

Описание

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings (e.g., enabling SSH), allowing unauthorized state changes that can facilitate later compromise.

Затрагиваемое ПО
Anviz Cx7 firmwareAnviz Cx7Anviz Cx2 lite firmwareAnviz Cx2 lite
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Источники
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.jsonhttps://www.anviz.com/contact-us.htmlhttps://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03