CVE 9.4 CRITICAL

Path Traversal in Altium Enterprise Server Viewer StorageController Allows Arbitrary File Read_CVE-2026-9129

May 20, 2026 invoker category_cve
9.4 / 10
CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path (such as an encoded drive letter) in a Viewer storage API request, causing the configured storage root to be discarded and allowing arbitrary files to be read from the server filesystem.








Because the readable files include the server's master configuration, which stores database credentials, signing key locations, certificate passwords, and OAuth secrets, exploitation can lead to disclosure of all server secrets and full compromise of the server and its data. Cloud deployments are not affected, as they use object storage and do not enable this component.

AI Analysis

Path traversal vulnerability in Altium Enterprise Server Viewer StorageController allowing arbitrary file read and potential full server compromise

Basic Information

ID CVE-2026-9129
Source Altium
Published May 20, 2026 at 18:05

Affected Product

Vendor Altium
Product Altium Enterprise Server
Affected Versions Altium Altium Enterprise Server 0

CWE Classification

CWE-22 CWE-200

AI Assessment

AI Score 9.4 / 10
AI Severity Critical
Vendor Altium
Product Altium Enterprise Server

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.