Reflected Cross-Site Scripting Vulnerability in Silex Technology SD-330AC and AMC Manager
CVE-2026-32963

5.1MEDIUM

Key Information:

Vendor: Silex Technology, Inc.
Status: Sd-330ac; Amc Manager
Vendor: CVE Published:; 20 April 2026

🔔 Create Silex Technology, Inc. Vulnerability Alert

What is CVE-2026-32963?

The SD-330AC and AMC Manager products from Silex Technology, Inc. are susceptible to a reflected cross-site scripting vulnerability. This issue arises when a user logs into the affected devices and accesses a specially crafted web page. Malicious scripts can be executed in the user's browser, potentially leading to unauthorized actions or data exposure. It is crucial for users of these products to be aware of this vulnerability and implement necessary security measures to mitigate the risks.

Affected Version(s)

AMC Manager Ver.5.0.2 and earlier

SD-330AC Ver.1.42 and earlier

References

https://www.silex.jp/support/security-advisories/en/2026-001

https://www.silex.jp/support/security-advisories/2026-001

https://jvn.jp/en/vu/JVNVU94271449/

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

CVSS V3.0

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 20, 2026
Vulnerability Reserved
Mar 17, 2026

CVE-2026-32963 Data

JSON