Path Traversal in Avid Nexis E-series
CVE-2024-26292
An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Di…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.004 (28.3th percentile) — read the EPSS interpretation.
Affected products
- Avid Nexis E-series — versions 0
- Avid Nexis F-series — versions 0
- Avid Nexis Pro+ — versions 0
- Avid System Director Appliance (Sda+) — versions 0
Weakness classification (CWE)
References
- a6d3dc9e-0591-4a13-bce7-0f5b31ff6158 (vendor-advisory)
- a6d3dc9e-0591-4a13-bce7-0f5b31ff6158 (technical-description, third-party-advisory)