top of page
perceptive_background_267k.jpg

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackeā€¦

Published:

22 April 2026 at 22:00:00

Alert date:

23 April 2026 at 11:02:17

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

CVE-2026-6885 affects Borg SPM 2007 developed by BorG Technology Corporation, which had sales ended in 2008. The vulnerability allows arbitrary file upload by unauthenticated remote attackers. Attackers can upload and execute web shell backdoors on the server. This enables arbitrary code execution with remote access capabilities. The product is legacy software that is no longer sold or supported. Despite being end-of-life, systems may still be running this vulnerable software in production environments.

Technical details

Mitigation steps:

Affected products:

Borg SPM 2007

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-6885
https://www.twcert.org.tw/en/cp-139-10863-2f48e-2.html
https://www.twcert.org.tw/tw/cp-132-10861-b8709-1.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page