CVE 6.5 MEDIUM

Anviz Products Cleartext Transmission of Sensitive Information_CVE-2026-33569

April 17, 2026 invoker category_cve
6.5 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Description

Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling
on‑path attackers to sniff credentials and session data, which can be
used to compromise the device.

Basic Information

ID CVE-2026-33569
Source icscert
Published Apr 17, 2026 at 19:30

Affected Product

Vendor Anviz
Product Anviz CX7 Firmware
Version All versions
Affected Versions Anviz Anviz CX7 Firmware All versions
Anviz Anviz CX2 Lite Firmware All versions

CWE Classification

CWE-319

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.