CRITICAL
Intrado
CVE published 2026-04-23
CVE-2026-6074
CVE-2026-6074 is a critical unauthenticated path traversal flaw in Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x. The vulnerable download_debuglog_file.php endpoint can be abused by manipulating the name parameter to read files outside the intended directory. CISA published the advisory on 2026-04-23, and Intrado states it released a software update on 2026-03-02 to address the issue.