PT-2026-48654 · Unknown · Golem Oee Mes
Karol Królak
·
Published
2026-06-11
·
Updated
2026-06-11
·
CVE-2026-8464
CVSS v4.0
8.3
High
| Vector | AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Golem OEE MES versions prior to 11.6.0
Description
An unauthenticated path traversal flaw allows an attacker on the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. Path traversal is a technique used to access files and directories that are stored outside the web root folder.
Recommendations
Update to version 11.6.0.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Golem Oee Mes