CVE-2026-32650

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access...

CVE-2026-32650 Anviz CrossChex Standard Algorithm Downgrade

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access...

CVE-2026-32650

The CVE-2026-32650 entry applies to Anviz CrossChex Standard. The description states that an attacker can manipulate the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access. This highlights a credential exposure risk ...

CVE-2026-32650

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access...

CVE-2026-40434 Anviz CrossChex Standard Improper Verification of Source of a Communication Channel

Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...

CVE-2026-40434

Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...

CVE-2026-40434

CVE-2026-40434 affects Anviz CrossChex Standard and is due to improper verification of the source of a communication channel, enabling an adjacent attacker on the same network to inject TCP packets and modify or disrupt client/server traffic. The documented impact is high (I/H, A/H) with no user ...

PT-2026-33500

CVE-2026-32650 Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and… https://t.co/O0iDDBAtcU...

Anviz CrossChex Standard 安全漏洞

Anviz CrossChex Standard is a centralized control software developed by Anviz Corporation in the United States, used for access control and attendance data management. Anviz CrossChex Standard has a security vulnerability. This vulnerability arises from the ability of attackers to manipulate the...

Anviz CrossChex Standard 安全漏洞

Anviz CrossChex Standard is a centralized control software developed by Anviz Corporation in the United States, used for access control and attendance data management. Anviz CrossChex Standard has a security vulnerability. This vulnerability stems from the lack of source verification in the...

CVE-2018-25135 Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via User Import

Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers to execute commands by inserting malicious formulas in user import fields. Attackers can craft payloads in fields like 'Name', 'Gender', or 'Position' to trigger Excel macro execution when importing...

PT-2025-53355

Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers to execute commands by inserting malicious formulas in user import fields. Attackers can craft payloads in fields like 'Name', 'Gender', or 'Position' to trigger Excel macro execution when importing...

Anviz CrossChex - Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Anviz CrossChex Buffer Overflow', 'Description' = %q Waits for broadcasts from Ainz CrossChex looking for new devices, and returns a custom...

Anviz CrossChex Buffer Overflow

Waits for broadcasts from Ainz CrossChex looking for new devices, and returns a custom broadcast, triggering a stack buffer overflow. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Anviz...

Anviz CrossChex 4.3.12 Local Buffer Overflow

Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 = V4.3.12 Tested on: 4.3.8.0, 4.3.12 CVE : N/A...