Auth bypass in Liquidfiles
CVE-2026-12673
Liquidfiles versions before 4.2.12 are affected by a broken access control vulnerability resulting in privilege escalation from an Admin in a secondary domain to a Sysadmin by modifying a group in their managed secondary (non-default) grou…
Affected products
- Liquidfiles — versions 0
Weakness classification (CWE)
References
- ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a (vendor-advisory)
- ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a (exploit)