PT-2026-34650 · Unknown · Borg Spm 2007

Published

2026-04-23

Updated

2026-04-23

CVE-2026-6885

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Borg SPM 2007 (affected versions not specified)

Description An arbitrary file upload flaw allows unauthenticated remote attackers to upload and execute web shell backdoors, which enables arbitrary code execution on the server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2026-6885

Affected Products

Borg Spm 2007

PT-2026-34650 · Unknown · Borg Spm 2007

CVE-2026-6885

Weakness Enumeration

Related Identifiers

Affected Products

References · 5