PT-2026-44831 · Sparkview · Sparkview
Manuel Feifel
·
Published
2026-05-29
·
Updated
2026-05-29
·
CVE-2026-8326
CVSS v4.0
10
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
Name of the Vulnerable Software and Affected Versions
SparkView versions prior to build 1127
Description
A path traversal issue in the RDP drive redirection component allows an attacker to read and write arbitrary files across all directories with root privileges. Depending on the implementation, this can be exploited by an unauthenticated attacker and may lead to remote code execution (RCE), which is the ability to execute arbitrary commands on a target machine over a network.
Recommendations
Update to build 1127 or later.
Fix
RCE
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sparkview