Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

SD-330AC

Source -

CNA

CNA CVEs -

11

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
11Vulnerabilities found
CVE-2026-32956
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-9.3||CRITICAL
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:20
Updated-20 Apr, 2026 | 13:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-32955
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-8.7||HIGH
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:19
Updated-20 Apr, 2026 | 13:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-32957
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:19
Updated-20 Apr, 2026 | 13:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without authentication.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-32958
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:19
Updated-20 Apr, 2026 | 13:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2026-32959
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-8.2||HIGH
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:18
Updated-20 Apr, 2026 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle attack.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2026-32960
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-7.1||HIGH
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:18
Updated-20 Apr, 2026 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-226
Sensitive Information in Resource Not Removed Before Reuse
CVE-2026-32961
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:18
Updated-20 Apr, 2026 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sx_smpd. Processing a crafted packet may cause a temporary denial-of-service (DoS) condition.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-32962
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:18
Updated-20 Apr, 2026 | 04:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication.

Action-Not Available
Vendor-silex technology, Inc.
Product-AMC ManagerSD-330AC
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-32963
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-5.1||MEDIUM
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:18
Updated-20 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a user logs in to the affected device and access some crafted web page, arbitrary script may be executed on the user's browser.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-32964
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:17
Updated-20 Apr, 2026 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead to arbitrary entries injected to the system configuration.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')
CVE-2026-32965
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-8.7||HIGH
EPSS-Not Assigned
Published-20 Apr, 2026 | 03:17
Updated-20 Apr, 2026 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial (factory-default) configuration, the device can be configured with the null string password.

Action-Not Available
Vendor-silex technology, Inc.
Product-SD-330ACAMC Manager
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default