CVE-2026-9129
Path Traversal in Altium Enterprise Server Viewer StorageController Allows Arbitrary File Read
A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path (such as an encoded drive letter) in a Viewer storage API request, causing the configured storage root to be discarded and allowing arbitrary files to be read from the server filesystem. Because the readable files include the server's master configuration, which stores database credentials, signing key locations, certificate passwords, and OAuth secrets, exploitation can lead to disclosure of all server secrets and full compromise of the server and its data. Cloud deployments are not affected, as they use object storage and do not enable this component.
| CWE | CWE-22 CWE-200 |
| Vendor | altium |
| Product | altium enterprise server |
| Published | May 20, 2026 |
| Last Updated | May 20, 2026 |
Get instant alerts for altium altium enterprise server
Be the first to know when new unknown vulnerabilities affecting altium altium enterprise server are published โ delivered to Slack, Telegram or Discord.