轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202604-00000026

[內容說明]
【博格科技｜Borg SPM 2007 - Arbitrary File Upload】(CVE-2026-6885，CVSS：9.8) 未經身分鑑別之遠端攻擊者可上傳並執行網頁後門程式，進而於伺服器端執行任意程式碼。

【博格科技｜Borg SPM 2007 - Authentication Bypass】(CVE-2026-6886，CVSS：9.8) 未經身分鑑別之遠端攻擊者可以任意使用者登入系統。

【博格科技｜Borg SPM 2007 - SQL Injection】(CVE-2026-6887，CVSS：9.8) 未經身分鑑別之遠端攻擊者可注入任意SQL指令讀取、修改及刪除資料庫內容。

[影響平台]
Borg SPM 2007(於2008年停售)

[建議措施]
無論系統版本為何，凡有持續簽署維護合約之客戶，請聯繫廠商協助進行修補，或升級至最新版本系統(SPM2025 SP1已通過原碼檢測)。
若未簽署維護合約且仍持續使用該版本系統之用戶，請聯繫廠商以討論後續處理事宜。

[參考資料]
1. https://www.twcert.org.tw/tw/cp-132-10861-b8709-1.html

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202604-00000026

[Content Description]
【BorG Technology Corporation｜Borg SPM 2007 - Arbitrary File Upload】(CVE-2026-6885, CVSS: 9.8) An unauthenticated remote attacker can upload and execute a web backdoor program, thereby executing arbitrary code on the server.

【BorG Technology Corporation｜Borg SPM 2007 - Authentication Bypass】(CVE-2026-6886, CVSS: 9.8) An unauthenticated remote attacker can allow any user to log in to the system.

【BorG Technology Corporation | Borg SPM 2007 - SQL Injection】(CVE-2026-6887, CVSS: 9.8) An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database contents.

[Affected Platforms]
Borg SPM 2007 (discontinued in 2008)

[Recommended Actions]
Regardless of the system version, customers with ongoing maintenance contracts should contact the vendor for assistance with patching or upgrading to the latest version (SPM2025 SP1 has passed source code testing).

Users who have not signed a maintenance contract and are still using this version of the system should contact the vendor to discuss further action.

[References]
1. https://www.twcert.org.tw/tw/cp-132-10861-b8709-1.html