New ShareFile Flaws Enable Pre-Auth Remote Code Execution Attacks
Progress Fixes Flaw That Could Allow Unauthenticated Access to File Sharing Solution

In recent years, enterprise-grade file sharing and collaboration platforms have become increasingly popular among organizations of all sizes.

Risks Associated with Compromised Platforms

These solutions allow employees to securely share and manage files across different departments and locations. However, they also present a significant risk to organizations if compromised by hackers.

Vulnerabilities Identified in Progress ShareFile

Last week, researchers at Watchtowr disclosed two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution.

  • The first vulnerability, CVE-2026-2699, is an authentication bypass flaw that allows attackers to gain access to the ShareFile admin interface due to improper handling of HTTP redirects.
  • The second vulnerability, CVE-2026-2701, is a remote code execution flaw that allows attackers to abuse file upload and extraction functionality to place malicious ASPX webshells in the application’s webroot.
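As an added illustration (not code from the article, Watchtowr or Progress), a defensive pre-extraction check of the kind that blocks the pattern behind the second issue: upload-and-extract functionality writing a server-side script into a webroot. The storage and webroot paths, the blocked extensions and the sample archive are constructed assumptions.

```python
# Added example, not ShareFile code: plan an archive extraction and reject any
# entry that could traverse out of the storage directory, land inside the IIS
# webroot, or carry a server-executable extension. Nothing is written to disk.
import io
import posixpath
import zipfile

# Assumed list: extensions IIS would execute if they were written under a webroot.
SERVER_EXECUTABLE_EXTS = {".aspx", ".asp", ".ashx", ".asmx", ".asax", ".config"}

def check_entry(name, storage_root, webroot):
    """Return (accepted, reason) for one archive entry name."""
    if name.startswith(("/", "\\")) or ":" in name.split("/")[0]:
        return False, "absolute path or drive letter"
    norm = posixpath.normpath(name.replace("\\", "/"))
    if norm == ".." or norm.startswith("../"):
        return False, "path traversal"
    ext = posixpath.splitext(norm)[1].lower()
    if ext in SERVER_EXECUTABLE_EXTS:
        return False, f"server-executable extension {ext}"
    target = posixpath.normpath(posixpath.join(storage_root, norm))
    if not target.startswith(storage_root.rstrip("/") + "/"):
        return False, "escapes storage root"
    if target.startswith(webroot.rstrip("/") + "/"):
        return False, "resolves inside webroot"
    return True, "ok"

def safe_extract_plan(zip_bytes, storage_root="/data/storagezone", webroot="/inetpub/wwwroot"):
    """Map every entry name to its (accepted, reason) verdict; assumed paths."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {i.filename: check_entry(i.filename, storage_root, webroot) for i in zf.infolist()}

def build_sample_archive():
    """Constructed sample: two legitimate documents plus three hostile entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("reports/q1.pdf", b"%PDF-1.4 constructed")
        zf.writestr("notes/readme.txt", b"constructed")
        zf.writestr("../../inetpub/wwwroot/dropped.aspx", b"constructed placeholder")
        zf.writestr("uploads/innocent.aspx", b"constructed placeholder")
        zf.writestr("/etc/passwd", b"constructed")
    return buf.getvalue()

if __name__ == "__main__":
    for name, (ok, why) in safe_extract_plan(build_sample_archive()).items():
        print("ACCEPT" if ok else "REJECT", name, "-", why)
```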

Affected Environments and Recommendations

Watchtowr’s research found that approximately 30,000 Storage Zone Controller instances were exposed on the public internet, while the ShadowServer Foundation observed around 700 internet-exposed instances of Progress ShareFile, mostly located in the US and Europe.

According to Watchtowr, “the combination of these two vulnerabilities creates a critical situation where unauthenticated attackers can exfiltrate files from affected environments.”

After being informed of the vulnerabilities, Progress quickly released security updates in version 5.12.4 on March 10, addressing both issues. While no active exploitation has been observed so far, systems running vulnerable versions of ShareFile Storage Zone Controller should be patched immediately, as the public disclosure of the chain is likely to attract threat actors.

This incident highlights the importance of regular software updates and monitoring for potential vulnerabilities in file sharing and collaboration platforms. Organizations using Progress ShareFile or similar solutions should ensure that their systems are up-to-date and take necessary precautions to prevent unauthorized access to sensitive data.