Known Vulnerabilities for products from Anviz
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Anviz".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Anviz can be found at device.report : Anviz
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40461 json | Not Provided | 2026-04-17 | 2026-04-17 | |
| CVE-2026-40434 json | Not Provided | 2026-04-17 | 2026-04-17 | |
| CVE-2026-40066 json | Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The device unpacks and executes ... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-35682 json | Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command ... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-35546 json | Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, en... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-35061 json | Not Provided | 2026-04-17 | 2026-04-17 | |
| CVE-2026-33569 json | Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on‑path attackers to sniff credentials and sessi... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-33093 json | Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camer... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-32650 json | Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing databa... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-32648 json | Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details (e.g., SSH/RTTY... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-32324 json | Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2026-31927 json | Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to overwrite arbitrary files (e... | Not Provided | 2026-04-17 | 2026-05-04 |
| CVE-2019-12518 json | Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability. | 9.8 - CRITICAL | 2019-12-02 | 2020-02-13 |
| CVE-2019-12394 json | Anviz access control devices allow unverified password change which allows remote attackers to change the administrator passw... | 9.8 - CRITICAL | 2019-12-02 | 2019-12-12 |
| CVE-2019-12393 json | Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door r... | 7.5 - HIGH | 2019-12-02 | 2019-12-12 |
| CVE-2019-12392 json | Anviz access control devices allow remote attackers to issue commands without a password. | 9.8 - CRITICAL | 2019-12-02 | 2020-08-24 |
| CVE-2019-12391 json | The Anviz Management System for access control has insufficient logging for device events such as door open requests. | 7.5 - HIGH | 2019-12-02 | 2019-12-12 |
| CVE-2019-12390 json | Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this inform... | 5.3 - MEDIUM | 2019-12-02 | 2020-08-24 |
| CVE-2019-12389 json | Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information ... | 7.5 - HIGH | 2019-12-02 | 2020-08-24 |
| CVE-2019-12388 json | Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying... | 7.5 - HIGH | 2019-12-02 | 2020-08-24 |
Known software with vulnerabilities from Anviz
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Anviz | Anviz | - |
| Operating System | Anviz | Anviz Firmware | - |
| Application | Anviz | Crosschex | 4.3.12 |
| Hardware | Anviz | M3 | - |
| Operating System | Anviz | M3 Firmware | - |
| Application | Anviz | Management System | - |