Primary

Context

GFI Archiver Missing Authorization Authentication Bypass Vulnerability

Vulnerability

Patched

A missing authorization vulnerability allowing authentication bypass has been identified in GFI Archiver. This issue arises in the MArc.Store.Remoting.exe process, which listens on port 8018. The vulnerability allows remote attackers to bypass authentication and access functionality without authorization. Exploitation of this vulnerability could be combined with other vulnerabilities to execute code with SYSTEM privileges.

Impact

Bypassing authentication could allow unauthorized users to access restricted functionality, potentially leading to code execution with SYSTEM privileges.

Remediation

Users can upgrade to GFI Archiver version 15.11 to address this vulnerability.

Added: Feb 20, 2026, 11:22 PM

Updated: Feb 20, 2026, 11:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

10.0

exploitability

6.8

remediation

7.7

relevance

3.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

10.0

exploitability

6.8

remediation

7.7

relevance

3.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GFI Archiver Missing Authorization Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

GFI Archiver

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating