CVE-2026-31927
Received Received - Intake
Path Traversal in Anviz CX7 Firmware Enables Unauthorized SSH Access

Publication date: 2026-04-17

Last updated on: 2026-05-04

Assigner: ICS-CERT

Description
Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to overwrite arbitrary files (e.g., /etc/shadow), enabling unauthorized SSH access when combined with debug‑setting changes
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-17
Last Modified
2026-05-04
Generated
2026-06-16
AI Q&A
2026-04-17
EPSS Evaluated
2026-06-15
NVD
CVE-2026-31927
EUVD
EUVD-2026-23470
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
anviz cx7_firmware *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The Anviz CX7 Firmware has a vulnerability involving an authenticated CSV upload feature that allows an attacker to perform path traversal. This means an attacker who is authenticated can upload a specially crafted CSV file to overwrite arbitrary files on the device.

For example, an attacker could overwrite critical system files such as /etc/shadow, which stores password hashes.

When combined with changes to debug settings, this can enable unauthorized SSH access to the device.

Impact Analysis

This vulnerability can allow an attacker with authenticated access to overwrite important system files, potentially leading to unauthorized access to the device via SSH.

Such unauthorized access could compromise the security and integrity of the device and any network it is connected to.

The CVSS score indicates a moderate impact with high integrity impact but no confidentiality or availability impact.

Compliance Impact

The vulnerability in Anviz CX7 Firmware allows an authenticated user to perform a CSV upload that leads to path traversal and arbitrary file overwrite, such as overwriting /etc/shadow. This can enable unauthorized SSH access when combined with debug-setting changes.

Such unauthorized access and potential compromise of sensitive system files could lead to violations of security requirements in common standards and regulations like GDPR and HIPAA, which mandate protection of personal data and secure access controls.

Therefore, exploitation of this vulnerability could negatively impact compliance by enabling unauthorized access to systems that may store or process regulated data.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31927. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart