EUVD-2026-23747
GHSA-c6qj-q5j5-mvcc
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionNVD
SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
AnalysisAI
Stack-based buffer overflow in silex technology's SD-330AC (Ver.1.42 and earlier) and AMC Manager (Ver.5.0.2 and earlier) enables authenticated remote attackers to execute arbitrary code on the device via maliciously crafted redirect URLs. Reported by JPCERT with vendor advisories published, though EPSS score of 0.04% (12th percentile) indicates low observed exploitation probability. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all SD-330AC and AMC Manager devices across your environment and document network access paths and authentication mechanisms. Within 7 days: Implement network segmentation to restrict low-privilege user access to these devices; disable remote access if operationally feasible; apply Silex-provided compensating controls per their official advisory. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today