CVE 9.3 CRITICAL

BorG Technology Corporation｜Borg SPM 2007 – Arbitrary File Upload_CVE-2026-6885

April 23, 2026 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

AI Analysis

Arbitrary File Upload vulnerability allowing unauthenticated remote attackers to upload and execute web shell backdoors

Basic Information

ID CVE-2026-6885

Source twcert

Published Apr 23, 2026 at 09:05

Affected Product

Vendor BorG Technology Corporation

Product Borg SPM 2007

Affected Versions BorG Technology Corporation Borg SPM 2007 0

CWE Classification

CWE-434

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor BorG Technology Corporation

Product Borg SPM 2007

References

{
    "lastseen": "",
    "description": "Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.",
    "published": "2026-04-23T09:05:06.602Z",
    "modified": "2026-04-23T09:05:06.602Z",
    "type": "cve",
    "title": "BorG Technology Corporation\uff5cBorg SPM 2007 - Arbitrary File Upload",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10861-b8709-1.html\nhttps://www.twcert.org.tw/en/cp-139-10863-2f48e-2.html",
    "id": "CVE-2026-6885",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "BorG Technology Corporation Borg SPM 2007 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Borg SPM 2007",
    "version": "0",
    "vendor": "BorG Technology Corporation",
    "ai_description": "Arbitrary File Upload vulnerability allowing unauthenticated remote attackers to upload and execute web shell backdoors",
    "ai_severity": "Critical",
    "ai_vendor": "BorG Technology Corporation",
    "ai_product": "Borg SPM 2007",
    "ai_version": "0",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply