Primary

Context

BorG Technology Corporation Borg SPM 2007 Arbitrary File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

An arbitrary file upload vulnerability has been identified in Borg SPM 2007, a product developed by BorG Technology Corporation that is no longer sold. This vulnerability allows unauthenticated remote attackers to upload and execute web shell backdoors, enabling arbitrary code execution on the server.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the server where Borg SPM 2007 is installed.

Remediation

Customers with active maintenance contracts are advised to contact the vendor for patching assistance or to upgrade to the latest version, as SPM2025 SP1 has successfully passed source code security audits.

Added: Apr 23, 2026, 10:21 AM

Updated: Apr 23, 2026, 10:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BorG Technology Corporation Borg SPM 2007 Arbitrary File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating