CVE-2023-26258

CRITICAL EXPLOITED NUCLEI

Arcserve UDP <9.0.6034 - Auth Bypass

Title source: llm

Exploitation Summary

CVE-2023-26258 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including mdsecactivebreach. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-26258, targeting ArcServe UDP's authentication bypass and information leakage vulnerability. The exploit retrieves admin credentials via SOAP API calls and includes a decryption tool for the leaked password.

Description

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator.

Exploits (1)

nomisec WORKING POC 23 stars

by mdsecactivebreach · remote

https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2023-26258, targeting ArcServe UDP's authentication bypass and information leakage vulnerability. The exploit retrieves admin credentials via SOAP API calls and includes a decryption tool for the leaked password.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: ArcServe UDP

No auth needed

Prerequisites: Network access to ArcServe UDP service on port 8014

MITRE ATT&CK

T1552 - Unsecured Credentials T1110 - Brute Force

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Arcserve UDP <= 9.0.6034 - Authentication Bypass

CRITICALVERIFIEDby daffainfo

Shodan: http.favicon.hash:-1889244460

References (3)

Core 3

Core References

Product

https://www.arcserve.com/products/arcserve-udp

Exploit, Technical Description, Third Party Advisory

https://www.mdsec.co.uk/2023/06/cve-2023-26258-remote-code-execution-in-arcserve-udp-backup/

Various Sources

https://support.arcserve.com/s/article/KB000015720?language=en_US

Scores

CVSS v3 9.8

EPSS 0.3419

EPSS Percentile 98.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

VulnCheck KEV 2025-08-19

CWE

CWE-863

Status published

Products (1)

arcserve/udp < 9.0.6034

Published Jul 03, 2023

Tracked Since Feb 18, 2026