Vulnerability Details CVE-2026-35503
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these exposed parameters and gain unauthorized access to administrative functionality.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.9%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2026-35503
-
cpe:2.3:h:senselive:x3500:-
-
cpe:2.3:o:senselive:x3500_firmware:1.523