Security Advisory

CVE-2026-31927

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-17 19:24:53

Last updated 2026-04-17 20:34:41

Assigner icscert

State PUBLISHED

Description

Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to overwrite arbitrary files (e.g., /etc/shadow), enabling unauthorized SSH access when combined with debug‑setting changes

← Browse all CVEs View on cve.org ↗