CVE-2024-57186

{"id": "CVE-2024-57186", "cveTags": [], "metrics": {}, "published": "2025-06-10T17:19:40.367", "references": [{"url": "https://github.com/erxes/erxes/commit/d626070a0fcd435ae29e689aca051ccfb440c2f3", "source": "cve@mitre.org"}, {"url": "https://www.sonarsource.com/blog/micro-services-major-headaches-detecting-vulnerabilities-in-erxes-microservices/", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In Erxes <1.6.2, an unauthenticated attacker can read arbitrary files from the system using a Path Traversal vulnerability in the /read-file endpoint handler."}, {"lang": "es", "value": "En Erxes &lt;1.6.2, un atacante no autenticado puede leer archivos arbitrarios del sistema mediante una vulnerabilidad de Path Traversal en el controlador del endpoint /read-file."}], "lastModified": "2025-06-12T16:06:39.330", "sourceIdentifier": "cve@mitre.org"}