CVE-2026-8326 PUBLISHED

Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE

Assigner: NCSC.ch
Reserved: 11.05.2026 Published: 29.05.2026 Updated: 29.05.2026

Path traversal vulnerability in Remote Spark (https://www.Remotespark.Com/) SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an unauthenticated attacker.

This issue affects SparkView: before build 1127.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CVSS Score: 10

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	High
Attack Complexity	Low	Integrity	High	Integrity	High
Attack Requirements	None	Availability	High	Availability	High
Privileges Required	None
User Interaction	None

CVSS 4.0

Product Status

Vendor	Remote Spark (https://www.remotespark.com/)
Product	SparkView
Versions	Default: unaffected affected from 0 to build 1127 (excl.)

Solutions

Update to build 1127

Credits

Manuel Feifel of InfoGuard Labs finder

References

https://www.remotespark.com/view/new.html

Problem Types

CWE-23 Relative path traversal CWE

Impacts

CAPEC-75 Manipulating Writeable Configuration Files
CAPEC-242 Code Injection
CAPEC-126 Path Traversal