PT-2026-33419 · Anviz · Anviz Cx2 Lite Firmware
Published
2026-04-17
·
Updated
2026-04-17
·
CVE-2026-35682
CVSS v3.1
8.8
High
| AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Anviz CX2 Lite is vulnerable to an authenticated command injection via a
filename parameter that enables arbitrary command execution (e.g.,
starting telnetd), resulting in root‑level access.
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Anviz Cx2 Lite Firmware