CVE-2026-2038CRITICAL 9.8EPSS p46.3%

CVE-2026-2038CVE-2026-2038

Description

GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MArc.Core.Remoting.exe process, which listens on port 8017. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Was ZDI-CAN-27934.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.65% probability of exploitation · percentile 46.3% · 2026-06-19T12:03:05Z
Published2026-02-20
Last modified2026-02-24

Underlying weaknesses· 1

CWE-862

References

  1. https://www.zerodayinitiative.com/advisories/ZDI-26-075/

1

TypeTargetConfidenceTier
WeaknessMissing Authorizationcwe-8620%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-2039
CVE
CVE-2026-2037
CVE
CVE-2026-2036
CVE
CVE-2025-27256
CVE
CVE-2025-6926
CVE
CVE-2025-8611
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.