PatchSiren

Intrado CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL Intrado CVE published 2026-04-23

CVE-2026-6074

CVE-2026-6074 is a critical unauthenticated path traversal flaw in Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x. The vulnerable download_debuglog_file.php endpoint can be abused by manipulating the name parameter to read files outside the intended directory. CISA published the advisory on 2026-04-23, and Intrado states it released a software update on 2026-03-02 to address the issue.

CRITICAL Intrado CVE published 2024-06-11

CVE-2024-1839

CVE-2024-1839 is a critical unauthenticated blind time-based SQL injection vulnerability in the Intrado 911 Emergency Gateway (EGW) login form, published by CISA on June 11, 2024. The vulnerability carries a CVSS 3.1 score of 10.0 (Critical), reflecting network attackability with no privileges required, no user interaction, and scope change, with high impacts to confidentiality, integrity, and availabilit [truncated]