EUVD-2026-23480

| CVE-2026-33093 MEDIUM

2026-04-17 icscert

GHSA-vh49-38wc-6wqp

Authentication Bypass

5.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 17, 2026 - 20:05 vuln.today

DescriptionNVD

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment.

AnalysisAI

Unauthenticated remote attackers can capture photos using the front-facing camera on Anviz CX7 devices via a direct POST request, exposing visual information about the physical deployment environment without authentication. The vulnerability affects all versions of Anviz CX7 Firmware and is tracked in CISA industrial control systems advisories, indicating deployment in operational technology environments. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-23480 vulnerability details – vuln.today

Back

EUVD-2026-23480

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code