A duo of severe security vulnerabilities has been uncovered in Progress ShareFile, a widely used managed file transfer solution. The flaws, discovered by the research team at watchTowr, specifically target the Storage Zones Controller v5 deployments for customer-managed zones, potentially allowing unauthenticated attackers to gain remote code execution (RCE) on sensitive infrastructure.
While the vendor has released critical updates to address these issues, the severity of the flaws highlights the ongoing risks to on-premises data management.
The most dangerous of the two flaws is CVE-2026-2699, which carries a CVSS score of 9.8. This “Execution After Redirect” vulnerability allows an unauthenticated, remote attacker to bypass security restrictions and access sensitive configuration pages.
Once inside these restricted areas, an attacker can manipulate system settings or trigger further actions that lead to full system compromise.
“These vulnerabilities allow an unauthenticated remote attacker to access on-prem storage zones controller’s configuration pages, potentially leading to changes in system configuration and remote code execution,” the advisory warns.
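The "Execution After Redirect" class named above, shown as a generic added example (it is not code from ShareFile, Progress or watchTowr): a handler that sends an unauthenticated request to the login page but keeps executing, beside the corrected form that stops at the redirect. The `Response` model, handler names, and `SETTINGS` values are hypothetical and constructed for illustration.

```python
# Generic model of Execution After Redirect; not ShareFile code.
# All names and sample values are hypothetical.
from dataclasses import dataclass, field


@dataclass
class Response:
    status: int = 200
    headers: dict = field(default_factory=dict)
    body: str = ""

    def redirect(self, location: str) -> None:
        # A redirect only sets status and header; it does not stop the
        # handler that called it.
        self.status = 302
        self.headers["Location"] = location


SETTINGS = {"storage_path": "/data/zone"}  # constructed sample config


def config_page_vulnerable(session: dict, form: dict) -> Response:
    resp = Response()
    if not session.get("admin"):
        resp.redirect("/login")
        # BUG: no return, so everything below still runs for this request.
    SETTINGS.update(form)
    resp.body = f"config: {SETTINGS}"
    return resp


def config_page_fixed(session: dict, form: dict) -> Response:
    resp = Response()
    if not session.get("admin"):
        resp.redirect("/login")
        return resp  # stop here: no state change, no page body
    SETTINGS.update(form)
    resp.body = f"config: {SETTINGS}"
    return resp


def redirect_leaks(resp: Response) -> bool:
    """Regression check: a redirect to login must carry no page content."""
    return resp.status == 302 and bool(resp.body)
```

A browser follows the `Location` header and never shows the leaked body, which is why this class of bug tends to survive manual testing; a regression test like `redirect_leaks` on every protected route catches it.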
The second vulnerability, CVE-2026-2701, carries a CVSS score of 9.1. In this scenario, an authenticated user—or an attacker who has leveraged the first flaw to gain a foothold—can upload a malicious file directly to the server.
Because the system fails to properly validate these uploads, the attacker can then execute the file, granting them the ability to run arbitrary code with the privileges of the server.
“Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution,” reads the CVE record.
To protect your environment, take the following actions:
- Upgrade Immediately: Progress has addressed these flaws in version 5.12.4.
- Migrate to V6: For a more permanent solution, customers can upgrade to any v6 version, as these newer releases are not impacted by these vulnerabilities.