CVE-2026-31927

Published April 17th, 2026

View on NVD ↗

CVSS v3

4.9

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to overwrite arbitrary files (e.g., /etc/shadow), enabling unauthorized SSH access when combined with debug‑setting changes

cisagov/CSAF

CISA CSAF Security Advisories

GitHub