CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-31927

Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to overwrite arbitrary files (e.g., /etc/shadow), enabling unauthorized SSH access when combined with debug‑setting changes

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.5%

CVSS Severity

CVSS v3 Score 4.9

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json
https://www.anviz.com/contact-us.html
https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03

Products affected by CVE-2026-31927

Anviz » Cx7 » Version: N/A

cpe:2.3:h:anviz:cx7:-
Anviz » Cx7 Firmware » Version: N/A

cpe:2.3:o:anviz:cx7_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-31927

Products

Pricing

Contact Us