Avid Nexis E-Series vulnerabilities
4 known vulnerabilities affecting avid/avid_nexis_e-series.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH4
Vulnerabilities
Page 1 of 1
CVE-2024-26291P2HIGHCVSS 8.7PoCfixed in 2025.5.12025-07-14
CVE-2024-26291 [HIGH] CWE-285 CVE-2024-26291: An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. T
An Unauthenticated Arbitrary File Read vulnerability affects the
Agent when installed on a system. The parameter filename does not validate the
path thus allowing users to read arbitrary files. As
the application runs with the highest privileges (root/NT_AUTHORITY SYSTEM)
by default attackers are able to obtain sensitive information.
This issue affec
nvd
CVE-2024-26290P3HIGHCVSS 8.7fixed in 2024.6.02025-03-12
CVE-2024-26290 [HIGH] CWE-20 CVE-2024-26290: Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-seri
Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance (SDA+) on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS E-series: before 2024.6.0; Avid NEXIS F-series: before 202
nvd
CVE-2024-26293P3HIGHCVSS 8.7fixed in 2025.5.12025-07-14
CVE-2024-26293 [HIGH] CWE-1395 CVE-2024-26293: The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP
The Avid Nexis Agent uses a vulnerable gSOAP
version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability.
This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+):
nvd
CVE-2024-26292P3HIGHCVSS 7.1fixed in 2025.5.12025-07-14
CVE-2024-26292 [HIGH] CWE-22 CVE-2024-26292: An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files.
An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files.
This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+): before 2025.5.1.
nvd