Multiple Vulnerabilities in Progress ShareFile Could Allow for Remote Code Execution
ID: c1ccfc7f-662e-566c-bd2f-8f71dddbbd40
STIX ID: report--c1ccfc7f-662e-566c-bd2f-8f71dddbbd40
Feed Name: CISecurity.org Advisories
Threat Score
Multiple vulnerabilities were discovered in Progress ShareFile's Storage Zones Controller (SZC): an authentication bypass (CVE-2026-2699) that may grant access to the admin interface and a file upload/extraction remote code execution (CVE-2026-2701) that can place ASPX webshells in the webroot; when chained, these allow attackers to obtain remote code execution on the server.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.