CVE-2026-7185

MEDIUM

T-Systems Archivo - Unauthorized Access to Files in T-Systems Products

Title source: rule
STIX 2.1

Description

A validation vulnerability has been identified in certain web features related to file management or upload in several products of the TAO 2.0 suite. This vulnerability could allow an attacker capable of interacting with the affected feature to attempt to access file system resources outside the scope intended by the application.

Scores

CVSS v4 6.0
EPSS 0.0029
EPSS Percentile 21.0%
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-22
Status published
Products (8)
T-Systems/Archivo < 2602.00
T-Systems/Archivo 2602.00
T-Systems/Buroweb < 2602.00
T-Systems/Buroweb 2602.00
T-Systems/eStima < 2602.00
T-Systems/eStima 2602.00
T-Systems/MyTAO < 2602.00
T-Systems/MyTAO 2602.00
Published Jul 06, 2026
Tracked Since Jul 06, 2026