Senselive X3500_firmware
10 CVEs affecting Senselive X3500_firmware. Latest disclosed: 2026-04-24. Critical: 4, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40630 | Critical | 9.8 | 2026-04-24 | A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control e… |
CVE-2026-40620 | Critical | 9.8 | 2026-04-24 | A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or aut… |
CVE-2026-35503 | Critical | 9.8 | 2026-04-24 | A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded val… |
CVE-2026-27843 | Critical | 9.1 | 2026-04-24 | A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentica… |
CVE-2026-40623 | High | 8.1 | 2026-04-24 | A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient val… |
CVE-2026-39462 | High | 8.1 | 2026-04-24 | A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper handling of credential… |
CVE-2026-27841 | High | 8.1 | 2026-04-24 | A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery (CSRF)… |
CVE-2026-35064 | High | 7.5 | 2026-04-24 | A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling… |
CVE-2026-25720 | Medium | 5.4 | 2026-04-24 | A vulnerability exists in SenseLive X3050’s web management interface due to improper session lifetime enforcement, allowing authenticated sessions to remain a… |
CVE-2026-40431 | Medium | 5.3 | 2026-04-24 | A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because mana… |