Description
Anviz CX2 Lite is vulnerable to an authenticated command injection via a
filename parameter that enables arbitrary command execution (e.g.,
starting telnetd), resulting in root‑level access.
Published: 2026-04-17
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Contact Vendor
AI Analysis

Impact

Anviz CX2 Lite firmware is vulnerable to an authenticated command injection via a filename parameter that allows an attacker to execute arbitrary system commands, such as starting the telnet daemon, thereby achieving root‑level control. This flaw provides full remote code execution capabilities against the affected device. The vulnerability stems from improper handling of user‑supplied filenames, classified as CWE‑77.

Affected Systems

The affected product is the Anviz CX2 Lite firmware. No specific version information is listed in the CNA data.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity, while no EPSS value is available and the issue is not listed in the CISA KEV catalog. The flaw requires authenticated access to the device’s management interface to supply the malicious filename. The attack vector is likely the network interface that accepts file upload or management commands. Given the high severity but uncertain exploitation probability, the risk is significant for exposed devices, especially those reachable via public or untrusted networks.

Generated by OpenCVE AI on April 18, 2026 at 09:04 UTC.

Remediation

Vendor Workaround

Anviz did not respond to CISA's attempts to coordinate these vulnerabilities. Users should contact Anviz for more information at https://www.anviz.com/contact-us.html.

OpenCVE Recommended Actions

  • Contact Anviz support at https://www.anviz.com/contact-us.html to request a firmware patch or mitigation guidance.
  • Isolate the device from untrusted networks by applying firewall rules or placing it on a segmented VLAN, thereby limiting exposure of the vulnerable interface.
  • Disable or restrict the device’s remote file upload or filename parameter functionality—such as disabling the affected service or limiting it to trusted administrative IP addresses to mitigate command injection.

Generated by OpenCVE AI on April 18, 2026 at 09:04 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 17 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Description Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution (e.g., starting telnetd), resulting in root‑level access.
Title Anviz CX2 Lite Command Injection
Weaknesses CWE-77
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-04-17T20:30:18.510Z

Reserved: 2026-04-14T15:47:54.211Z

Link: CVE-2026-35682

cve-icon Vulnrichment

Updated: 2026-04-17T20:30:09.762Z

cve-icon NVD

Status : Received

Published: 2026-04-17T20:16:35.510

Modified: 2026-04-17T20:16:35.510

Link: CVE-2026-35682

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T09:15:15Z

Weaknesses