Unauthorized Access Vulnerability in Anviz CX7 Firmware
CVE-2026-35061

5.3MEDIUM

Key Information:

Vendor: Anviz
Status: Anviz Cx7 Firmware
Vendor: CVE Published:; 17 April 2026

What is CVE-2026-35061?

The Anviz CX7 Firmware contains a security flaw that allows unauthorized retrieval of the most recently captured test photo without authentication. This vulnerability exposes sensitive operational imagery, potentially compromising the privacy and security of the users. It is essential for organizations using this product to implement immediate measures to safeguard their data and ensure firmware updates are applied to mitigate risks stemming from this vulnerability.

Affected Version(s)

Anviz CX7 Firmware All versions

References

https://www.anviz.com/contact-us.html

https://www.cisa.gov/news-events/ics-advisories/icsa-26-1...

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 17, 2026
Vulnerability Reserved
Apr 14, 2026

CVE-2026-35061 Data

JSON