🔐 CVE Alert

CVE-2024-6789

UNKNOWN 0.0

Path traversal in M-Files API

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files

CWE CWE-22
Vendor m-files corporation
Product m-files server
Published Aug 27, 2024
Last Updated Feb 23, 2026
Stay Ahead of the Next One

Get instant alerts for m-files corporation m-files server

Be the first to know when new unknown vulnerabilities affecting m-files corporation m-files server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

M-Files Corporation / M-Files Server
0 < 24.8.13981.0 LTS 24.2.0 < LTS 24.2.13421.15 SR2 LTS 23.8.0 < LTS 23.8.12892.0 SR6

References

NVD ↗ CVE.org ↗ EPSS Data ↗
product.m-files.com: https://product.m-files.com/security-advisories/cve-2024-6789/ empower.m-files.com: https://empower.m-files.com/security-advisories/CVE-2024-6789