Primary

Context

SenseLive X3050 Password Update Vulnerability in Web Management Interface

Vulnerability

A vulnerability in the web management interface of the SenseLive X3050 device allows for unreliable password updates. This issue arises from improper handling of credential changes on the backend. After a factory restore using the SenseLive Config 2.0 tool, the interface may falsely indicate a successful password update, while the system continues to accept previous or default credentials. Even post-factory reset, password change attempts may not be properly applied.

Impact

Exploitation of this vulnerability could lead to unauthorized access, as the device may continue to accept default or previously set passwords despite indications that a change was successfully made.

Remediation

SenseLive did not respond to CISA's requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information.

Added: Apr 24, 2026, 12:44 AM

Updated: Apr 24, 2026, 12:44 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.0

remediation

0.0

relevance

6.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.0

remediation

0.0

relevance

6.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SenseLive X3050 Password Update Vulnerability in Web Management Interface

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating