Gfi

Archiver

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-2039

  • EPSS 0.62%
  • Veröffentlicht 20.02.2026 22:13:54
  • Zuletzt bearbeitet 24.02.2026 21:42:14

GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerabi...

8.8

CVE-2026-2036

  • EPSS 0.81%
  • Veröffentlicht 20.02.2026 22:13:45
  • Zuletzt bearbeitet 24.02.2026 21:43:18

GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to expl...

9.8

CVE-2026-2038

  • EPSS 0.62%
  • Veröffentlicht 20.02.2026 22:13:35
  • Zuletzt bearbeitet 24.02.2026 21:43:04

GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerabil...

8.8

CVE-2026-2037

  • EPSS 0.81%
  • Veröffentlicht 20.02.2026 22:13:24
  • Zuletzt bearbeitet 24.02.2026 21:41:45

GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to explo...

8.1

CVE-2025-35940

  • EPSS 0.13%
  • Veröffentlicht 10.06.2025 20:27:51
  • Zuletzt bearbeitet 12.06.2025 16:06:29

The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL endpoints.

8.8

CVE-2024-11947

  • EPSS 6.48%
  • Veröffentlicht 12.12.2024 01:40:21
  • Zuletzt bearbeitet 13.12.2024 19:33:07

GFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is required to exploit thi...

9.8

CVE-2024-11948

  • EPSS 3.46%
  • Veröffentlicht 12.12.2024 01:40:21
  • Zuletzt bearbeitet 13.12.2024 19:32:21

GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specif...

8.8

CVE-2024-11949

  • EPSS 6.48%
  • Veröffentlicht 12.12.2024 01:40:21
  • Zuletzt bearbeitet 13.12.2024 19:28:30

GFI Archiver Store Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is required to exploit th...

9.8

CVE-2021-29281

Exploit
  • EPSS 3.56%
  • Veröffentlicht 07.07.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:00:55

File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.