CVE-2026-7185
MEDIUMT-Systems Archivo - Unauthorized Access to Files in T-Systems Products
Title source: ruleDescription
A validation vulnerability has been identified in certain web features related to file management or upload in several products of the TAO 2.0 suite. This vulnerability could allow an attacker capable of interacting with the affected feature to attempt to access file system resources outside the scope intended by the application.
References (1)
Core 1
Core References
Scores
CVSS v4
6.0
EPSS
0.0029
EPSS Percentile
21.0%
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (8)
T-Systems/Archivo
< 2602.00
T-Systems/Archivo
2602.00
T-Systems/Buroweb
< 2602.00
T-Systems/Buroweb
2602.00
T-Systems/eStima
< 2602.00
T-Systems/eStima
2602.00
T-Systems/MyTAO
< 2602.00
T-Systems/MyTAO
2602.00
Published
Jul 06, 2026
Tracked Since
Jul 06, 2026