CVE-2026-2038
CRITICALCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2Description
GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MArc.Core.Remoting.exe process, which listens on port 8017. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Was ZDI-CAN-27934.
Analysis
Auth bypass in GFI Archiver via MArc.Core missing authorization. EPSS 0.59%.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all GFI Archiver instances in your environment and isolate them from untrusted networks if possible; enable enhanced logging and monitoring for suspicious access attempts. Within 7 days: Implement network segmentation to restrict access to GFI Archiver to authorized users only; deploy WAF rules to block exploitation attempts if applicable; contact GFI for patch timeline and interim guidance. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today