Unrated severityNVD Advisory· Published Oct 20, 2023· Updated Feb 23, 2026
M-Files Web Companion allows Remote Code Execution for some filetypes
CVE-2023-5524
Description
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows
Remote Code Execution
via specific file types
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: before 23.10 and before 23.8 LTS SR1
- M-Files/Web Companionv5Range: 23.3
Patches
Vulnerability mechanics
References
2- empower.m-files.com/security-advisories/CVE-2023-5524mitrevendor-advisory
- product.m-files.com/security-advisories/cve-2023-5524/mitrevendor-advisory
News mentions
0No linked articles in our index yet.