CVE-2026-8464
Status: Received - Intake
Unauthenticated Path Traversal in Golem OEE MES

Publication date: 2026-06-11

Last updated on: 2026-06-11

Assigner: CERT.PL

Description
Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. An attacker who can reach the server's HTTP interface from the same local network can read arbitrary files from the server's operating system by manipulating HTTP request paths, without any credentials. This issue has been fixed in version 11.6.0.
Meta Information
Generated: 2026-06-11
AI Q&A: 2026-06-11
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)
Vendor        Product         Version / Range
neuron_soft   golem_oee_mes   11.6.0
neuron_soft   golem_oee_mes   up to 11.6.0 (exclusive)
Note: the second entry is the vulnerable range (all versions below 11.6.0); 11.6.0 is the version that carries the fix.
CWE
CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, 'Path Traversal'): The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
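The CWE-22 pattern above, shown as an added example written for this page (it is not Golem's code and says nothing about how Golem's handler is implemented): a file-serving function that joins the decoded request path onto a document root without checking where the result lands, beside a hardened version that resolves the path and rejects anything outside the root. The directory layout, file contents and the names serve_file_unsafe, serve_file_safe and demo are all hypothetical.

```python
import os
import tempfile
from urllib.parse import unquote


def serve_file_unsafe(base_dir: str, request_path: str) -> str:
    """Vulnerable pattern (CWE-22): the decoded request path is joined onto
    the document root and opened without checking where it resolves, so
    '..' segments walk out of base_dir. Kept deliberately vulnerable."""
    relative = unquote(request_path).lstrip("/")
    target = os.path.join(base_dir, relative)
    with open(target, "rb") as fh:
        return fh.read().decode()


def serve_file_safe(base_dir: str, request_path: str) -> str:
    """Hardened version: decode, reject NUL bytes, strip leading separators so
    an absolute path cannot replace the root, collapse '..' and symlinks with
    realpath, then require the result to remain inside the document root."""
    decoded = unquote(request_path)
    if "\x00" in decoded:
        raise PermissionError("NUL byte in request path")
    root = os.path.realpath(base_dir)
    relative = decoded.replace("\\", "/").lstrip("/")
    target = os.path.realpath(os.path.join(root, relative))
    # commonpath compares path components, not characters, so a sibling such
    # as '/srv/www-backup' is rejected when root is '/srv/www'.
    if os.path.commonpath([root, target]) != root:
        raise PermissionError(f"request escapes document root: {request_path!r}")
    with open(target, "rb") as fh:
        return fh.read().decode()


def demo() -> dict:
    """Build a throwaway tree: a document root with one public page and a
    'secret' file one level above it (both constructed here), then exercise
    both handlers with a percent-encoded traversal request."""
    with tempfile.TemporaryDirectory() as tmp:
        docroot = os.path.join(tmp, "www")
        os.makedirs(docroot)
        with open(os.path.join(docroot, "index.html"), "w") as fh:
            fh.write("<h1>hello</h1>")
        with open(os.path.join(tmp, "secret.conf"), "w") as fh:
            fh.write("db_password=hunter2")      # constructed, outside docroot
        traversal = "/%2e%2e/secret.conf"         # '../secret.conf', percent-encoded

        results = {
            "unsafe_index": serve_file_unsafe(docroot, "/index.html"),
            "unsafe_traversal": serve_file_unsafe(docroot, traversal),
            "safe_index": serve_file_safe(docroot, "/index.html"),
        }
        try:
            serve_file_safe(docroot, traversal)
            results["safe_traversal"] = "ALLOWED"
        except PermissionError:
            results["safe_traversal"] = "BLOCKED"
        return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:17s} {value}")
```

The unsafe handler hands back the contents of secret.conf for the encoded request because the operating system resolves the `..` for it; the safe handler decodes first, resolves the full path and only then compares it to the root, which is the order that matters: normalizing before decoding lets `%2e%2e` slip through.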
AI Quick Actions (AI-generated content)
Impact Analysis

An attacker on the same local network who can reach the Golem OEE MES HTTP interface can read arbitrary files from the server without authenticating. The reads are made with the privileges of the account the service runs under, so whatever that account can open (configuration files, stored credentials and other sensitive data on the server) is exposed, compromising the confidentiality of the system and potentially enabling further attacks with the recovered secrets.

Executive Summary

CVE-2026-8464 is a path traversal vulnerability in the Golem OEE MES software by Neuron Soft. An attacker located in the same local network can read arbitrary files from the server's operating system by manipulating HTTP request paths, with no authentication required.

All versions below 11.6.0 are affected; the issue was fixed in version 11.6.0.

Mitigation Strategies

To mitigate CVE-2026-8464 in Golem OEE MES, update the software to version 11.6.0 or later; that version contains the fix for the unauthenticated path traversal flaw.

Before performing the update, stop all running programs and back up your databases to avoid corruption.

Update every component of the deployment, including the mobile applications, since the vulnerability was also addressed in the mobile app packages.

Until the update is applied, reduce exposure at the network level: the attacker must be able to reach the server's HTTP interface from the local network, so restrict that interface to the hosts and network segments that genuinely need it and do not expose it beyond the plant network.

Detection Guidance

Exploitation attempts can be detected by monitoring HTTP requests to the Golem OEE MES server for path traversal patterns. Because the flaw is triggered by manipulated request paths and needs no authentication, look for requests whose path contains "../" or equivalent sequences. Matching only the literal "../" misses common variants: URL-encoded forms such as "%2e%2e%2f" or "%2e%2e/", double-encoded forms such as "%252e%252e%252f", and backslash forms such as "..\" on Windows hosts. Decode the path before matching, or at least match on all of these variants.

A practical approach is to capture and analyze HTTP traffic to the Golem OEE MES server with tcpdump or Wireshark, filtering for requests with traversal patterns. This only works when the traffic is plain HTTP; if the interface is served over TLS, rely on the server's own access logs or a reverse proxy that logs the decoded request path instead.

Example commands to detect such attempts include (replace <interface>, the port and the log path with the values for your deployment):

  • Using tcpdump to capture HTTP requests containing traversal sequences (the BPF expression keeps only packets with a non-empty TCP payload; -l line-buffers tcpdump's output so grep sees matches as they happen): tcpdump -l -i <interface> -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep --line-buffered -Ei '\.\./|\.\.\\|%2e%2e'
  • Using grep on web server logs to find path traversal attempts, including encoded and backslash variants: grep -Ei '\.\./|\.\.\\|%2e%2e' /path/to/golem_oee_mes/access.log
  • Using curl to test the vulnerability manually by sending crafted HTTP requests with path traversal sequences to the server and observing responses. Pass --path-as-is, otherwise curl collapses the "/../" segments itself before the request leaves the client, and the test proves nothing: curl --path-as-is -i 'http://<host>:<port>/<path>/../../../../etc/passwd' (the vulnerable endpoint is not published; <path> stands for a path handled by the Golem server).

Note that the vulnerability affects versions below 11.6.0, so verifying the installed version of Golem OEE MES is also important; a server on 11.6.0 or later that still shows traversal requests in its logs is being probed, not exploited.
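The log-based detection described above, as an added example written for this page (not a tool from the page or from Neuron Soft): it parses access-log lines, percent-decodes the request target repeatedly so double-encoded and backslash variants are caught, and flags a request only when a whole path segment is "..", which avoids the false positives a plain substring search for "../" produces. The log lines are constructed for the example and are not real Golem OEE MES logs; the log format, the function names and the requested file names are assumptions.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Combined Log Format. They are NOT real Golem OEE
# MES logs; the requested files are just typical traversal targets.
SAMPLE_LOG = """\
10.0.5.23 - - [11/Jun/2026:09:14:02 +0200] "GET /index.html HTTP/1.1" 200 512
10.0.5.23 - - [11/Jun/2026:09:14:05 +0200] "GET /static/../../../../etc/passwd HTTP/1.1" 200 2048
10.0.5.41 - - [11/Jun/2026:09:15:11 +0200] "GET /static/%2e%2e/%2e%2e/windows/win.ini HTTP/1.1" 200 403
10.0.5.41 - - [11/Jun/2026:09:15:12 +0200] "GET /static/..%255c..%255cboot.ini HTTP/1.1" 404 0
10.0.5.9 - - [11/Jun/2026:09:16:30 +0200] "GET /docs/v1.../index.html HTTP/1.1" 200 90112
"""

# Client IP, timestamp, method, request target and status from a CLF/combined line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)


def normalize_path(raw: str, max_rounds: int = 3) -> str:
    """Percent-decode repeatedly (bounded, so double encoding is undone but a
    malicious input cannot loop forever) and fold backslashes to slashes so
    Windows-style traversal is not missed. The query string is dropped."""
    path = raw.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def is_traversal(raw_target: str) -> bool:
    """True if any path segment is exactly '..' after normalization.
    Segment-wise matching avoids false positives such as '/docs/v1.../x'
    that a substring search for '../' would flag."""
    return any(seg == ".." for seg in normalize_path(raw_target).split("/"))


def scan_log(text: str) -> list:
    """Return one record per request whose target contains a traversal
    segment. Status is kept so 200 responses can be triaged first: a 200
    with a non-zero size on a traversal path is the case to investigate."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_traversal(m["target"]):
            continue
        hits.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "target": m["target"],
            "decoded": normalize_path(m["target"]),
            "status": int(m["status"]),
        })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit["ts"], hit["ip"], hit["status"], hit["target"], "->", hit["decoded"])
```

Run against the sample, three of the five lines are flagged: the plain "../" request, the percent-encoded one and the double-encoded backslash one, while "/docs/v1.../index.html" is left alone. For a real deployment, feed it the server's access log (or the reverse proxy's) and sort hits by status so successful reads are reviewed first.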
