Arbitrary File Write Vulnerability in Group-Office by Intermesh
CVE-2026-34838
What is CVE-2026-34838?
CVE-2026-34838 is a significant vulnerability impacting Group-Office, an enterprise customer relationship management and groupware tool developed by Intermesh. This vulnerability arises from an insecure deserialization within the AbstractSettingsCollection model prior to specific versions (6.8.156, 25.0.90, and 26.0.12). The flaw allows an authenticated attacker to inject a serialized FileCookieJar object into a setting string, leading to arbitrary file write capabilities. This functionality can be exploited to achieve Remote Code Execution (RCE) on the server, presenting serious risks to organizations that rely on Group-Office for managing customer relationships and collaborative tasks. Successful exploitation could compromise the entire system, allowing attackers to execute malicious code that could harm organizational integrity and steal sensitive data.
Potential impact of CVE-2026-34838
-
Remote Code Execution (RCE): The vulnerability enables attackers to execute arbitrary code on the server. This capability could lead to total system compromise, allowing for further exploits or the deployment of malware.
-
Data Breach Risks: With access to critical systems, attackers could potentially access sensitive organizational data, including personal information of clients and employees, leading to privacy violations and regulatory repercussions.
-
Operational Disruption: Exploitation of this vulnerability could lead to significant operational downtime as systems may be taken offline to mitigate the attack, impacting business continuity and potentially resulting in financial losses.
Affected Version(s)
groupoffice < 6.8.156 < 6.8.156
groupoffice < 25.0.90 < 25.0.90
groupoffice < 26.0.12 < 26.0.12