CVE-2026-32964
published 2026-04-20CVE-2026-32964: SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing…
PriorityP337medium6.5CVSS 3.1
AVNACLPRNUINSUCNILAL
EPSS
0.28%
19.4th percentile
SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead to arbitrary entries injected to the system configuration.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| silex_technology_inc | amc_manager | — | — |
| silex_technology_inc | sd-330ac | — | — |
| silextechnology | amc_manager | < 5.1.0 | 5.1.0 |
| silextechnology | sd-330ac_firmware | < 1.50 | 1.50 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
nvdv4.06.9MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
ghsa9.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
silex SD-330AC/AMC Manager Configuration crlf injection
vuldb·2026-04-20·CVSS 6.9
CVE-2026-32964 [MEDIUM] silex SD-330AC/AMC Manager Configuration crlf injection
A vulnerability was found in silex SD-330AC and AMC Manager and classified as problematic. This affects an unknown function of the component Configuration Handler. The manipulation results in crlf injection.
This vulnerability was named CVE-2026-32964. The attack may be performed from remote. There is no available exploit.
It is suggested to upgrade the affected component.
GHSA
GHSA-5f3w-cmwx-c9m9: SD-330AC and AMC Manager provided by silex technology, Inc
ghsa_unreviewed·2026-04-20
CVE-2026-32964 [MEDIUM] CWE-93 GHSA-5f3w-cmwx-c9m9: SD-330AC and AMC Manager provided by silex technology, Inc
SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead to arbitrary entries injected to the system configuration.
No detection rules found.
No public exploits indexed.
2026-04-20
Published