CVE-2026-27843 - Vulnerability Analysis
CriticalCVSS: 9.1Last Updated: April 24, 2026
SenseLive X3050 - Broken Access Control
Published: April 24, 2026Updated: April 24, 2026Remote Exploitable
Overview
SenseLive X3050 contains a broken access control vulnerability caused by insufficient authentication and server-side validation in the web management interface, letting attackers modify critical configuration parameters to cause persistent lockout and denial of service, exploit requires network access to the management interface.
Severity & Score
Severity: Critical
CVSS Score: 9.1
Impact
Attackers can cause persistent lockout and total denial of service, disrupting gateway and connected systems.
Mitigation
Update to the latest firmware version with proper authentication and validation controls.
References
Related Resources
Details
- CVE ID
- CVE-2026-27843
- Severity
- Critical
- CVSS Score
- 9.1
- Type
- broken_access_control
- Status
- new
CWE
- CWE-306
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H