Back to search
CVE-2024-26293
Published: Jul 14, 2025
Modified: Jul 14, 2025
PUBLISHED
Description
The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+): before 2025.5.1.
| Vendor | Product | Versions |
|---|---|---|
Avid | Avid NEXIS E-series | affected 0 - < 2025.5.1 |
Avid | Avid NEXIS F-series | affected 0 - < 2025.5.1 |
Avid | Avid NEXIS PRO+ | affected 0 - < 2025.5.1 |
Avid | System Director Appliance (SDA+) | affected 0 - < 2025.5.1 |
Weaknesses (CWE)
References
https://raeph123.github.io/BlogPosts/Avid_Nexis/Advisory_Avid_Nexus_Agent_Multiple_Vulnerabilities_en.html
third-party-advisory
technical-description
https://www.genivia.com/changelog.html
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now