GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MArc.Store.Remoting.exe process, which listens on port 8018. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Was ZDI-CAN-28597.
The MArc.Store.Remoting.exe process listens on port 8018 and exposes functionality without verifying the identity or permissions of the caller (CWE-862 — missing required authorization). An attacker can remotely communicate with this process without any authentication and gain access to its functions. Exploiting this vulnerability in combination with other vulnerabilities enables escalation to code execution in the context of the SYSTEM account.
An attacker can bypass authentication and gain unauthorized access to service functions, and subsequently — through an exploit chain — execute arbitrary code with SYSTEM privileges on the vulnerable server.
Patches available from the manufacturer should be applied according to the references. Additionally, it is recommended to restrict network access to port 8018 (e.g., using a firewall or ACL rules) exclusively to authorized hosts until the patch is deployed.
GFI Archiver — versions indicated in the manufacturer's references and in the Zero Day Initiative advisory (ZDI-26-077)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGfi Archiver
APPGfi15.10
Related vulnerabilities
GFI Archiver MArc.Core — pominięcie autoryzacji (Authentication Bypass)
GFI Archiver – RCE przez podatną wersję Telerik Web UI
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation o...
GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerabili...
GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerabil...