Ghostwire

CVE-2026-40461: Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings (e.g., enabling SSH),...

HIGH CVSS 7.5

Published: April 17, 2026 | Last Modified: April 17, 2026

Description

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings (e.g., enabling SSH), allowing unauthorized state changes that can facilitate later compromise.

Ghostwire Analysis — What This Means Practically

High CVSS score indicates significant risk — exploitation could lead to substantial data exposure or system compromise.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References

www.tenable.com/cve/CVE-2026-40461
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-40461