CVE-2026-33093

| EUVD-2026-23480 MEDIUM
2026-04-17 icscert GHSA-vh49-38wc-6wqp
Authentication Bypass
5.3
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Apr 17, 2026 - 20:05 vuln.today

DescriptionNVD

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment.

AnalysisAI

Unauthenticated remote attackers can capture photos using the front-facing camera on Anviz CX7 devices via a direct POST request, exposing visual information about the physical deployment environment without authentication. The vulnerability affects all versions of Anviz CX7 Firmware and is tracked in CISA industrial control systems advisories, indicating deployment in operational technology environments. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-33093 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy