Two vulnerabilities in Progress ShareFile's Storage Zones Controller can be chained to enable unauthenticated file exfiltration and remote code execution on affected systems. The flaws (CVE-2026-2699 and CVE-2026-2701) were reported by watchTowr and fixed in Progress ShareFile 5.12.4 on March 10, but exposed instances should be patched immediately.
Keypoints
- Two chained flaws (CVE-2026-2699 auth bypass and CVE-2026-2701 RCE) enable unauthenticated access and remote code execution.
- The vulnerabilities affect the Storage Zones Controller component in Progress ShareFile branch 5.x.
- An attacker can exploit the auth bypass to modify storage zone settings and obtain secrets needed to generate valid HMACs.
- RCE is achieved by abusing file upload and extraction to place ASPX webshells in the application webroot.
- watchTowr responsibly disclosed the issues and Progress released fixes in ShareFile 5.12.4; exposed instances should be updated immediately.