Post by Securitum
6,439 followers
A single malformed request was enough to read files from the server. Our new article on CVE-2026-8464 is now live. It covers a path traversal vulnerability found in Golem OEE MES. The vulnerability was discovered during a penetration test of an industrial environment. No authentication was required, and improper file access controls made it possible to read files such as win.ini, hosts, and NetSetup.log. In the article, Karol Królak explains what was found, how the vulnerability worked, and why vulnerabilities like this still matter in OT environments. Affected versions: all versions before 11.6.0. Link to the article in the first comment 👇 #CyberSecurity #OTSecurity #IndustrialSecurity #CVE #PathTraversal #PenetrationTesting #PentestChronicles