EUVD-2026-23478

| CVE-2026-32648 MEDIUM

2026-04-17 icscert

Authentication Bypass

5.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 17, 2026 - 20:08 vuln.today

DescriptionNVD

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details (e.g., SSH/RTTY status), assisting attackers in reconnaissance against the device.

AnalysisAI

Unauthenticated remote attackers can access debug configuration endpoints on Anviz CX2 Lite and CX7 devices without credentials, exposing SSH and RTTY status information that facilitates reconnaissance. The vulnerability exists in network-accessible endpoints that return sensitive debug data, affecting both device models across all firmware versions.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-23478 vulnerability details – vuln.today

Back

EUVD-2026-23478

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code