Primary

Context

Anviz Multiple Products Unauthenticated Debug Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in Anviz CX2 Lite and CX7 products, allowing unauthenticated access to debug configuration details such as SSH/RTTY status. This information could aid attackers in reconnaissance efforts against the device.

Impact

Exploitation of this vulnerability could enable attackers to gather sensitive debug information that could be used for further attacks on the device.

Remediation

Anviz did not respond to CISA's attempts to coordinate these vulnerabilities. Users should contact Anviz for more information through their official contact page.

Added: Apr 17, 2026, 8:28 PM

Updated: Apr 17, 2026, 8:28 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.9

relevance

6.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.9

relevance

6.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Anviz Multiple Products Unauthenticated Debug Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Anviz CrossChex Standard

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating