CVE-2026-32957 MEDIUM

CVE-2026-32957

Vendor Silex Technology, Inc.
Product SD-330AC
Weakness CWE-306 · Missing auth
Published April 20, 2026
Last update April 20, 2026

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without authentication.

Key dates

02Disclosure timeline

April 20, 2026 CVE published
April 20, 2026 Record updated