HarborGuard / CVE
Back to search
HIGHCVE-2026-35682Published Modified CNA icscert

CVE-2026-35682: Anviz CX2 Lite Command Injection

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution (e.g., starting telnetd), resulting in root‑level access.

Metrics

CVSS v3.1
8.8
Severity
HIGH
Fixed in
Affected Products
1
Affected packages
  • Anviz / Anviz CX2 Lite Firmware
    All versions
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
CVE-2026-35682: Anviz CX2 Lite Command Injection | HarborGuard CVE