Back

Critical Vulnerabilities in Progress ShareFile Enable Unauthenticated File Exfiltration

Severity: High (Score: 72.0)

Sources: Scworld, Cisecurity, Cybersecuritydive, Bleepingcomputer, Gbhackers

Summary

Two critical vulnerabilities, CVE-2026-2699 and CVE-2026-2701, have been identified in Progress ShareFile's Storage Zones Controller, allowing unauthenticated attackers to perform remote code execution and potentially exfiltrate files. The vulnerabilities can be chained, starting with an authentication bypass that grants access to the admin interface, followed by remote code execution through file upload functionality. Approximately 30,000 instances of Progress ShareFile are exposed on the internet, with around 700 identified by the ShadowServer Foundation. Progress has released a patch in version 5.12.4 on March 10, 2026, addressing these vulnerabilities. No active exploitation has been reported yet, but the public disclosure raises concerns about potential attacks. Organizations using affected versions are urged to apply the patch immediately to mitigate risks. Key Points: • Two critical vulnerabilities in Progress ShareFile allow unauthenticated file exfiltration. • Approximately 30,000 instances of ShareFile are exposed to the public internet. • Organizations are urged to patch immediately following the release of version 5.12.4.

Key Entities

  • Data Breach (attack_type)
  • Remote Code Execution (attack_type)
  • Zero-day Exploit (attack_type)
  • Progress Software (company)
  • Germany (country)
  • United States (country)
  • CVE-2026-2699 (cve)
  • CVE-2026-2701 (cve)
  • Government (industry)
  • Healthcare (industry)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1190 - Exploit Public-Facing Application (mitre_attack)
  • T1203 - Exploitation for Client Execution (mitre_attack)
  • T1505.003 - Web Shell (mitre_attack)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
  • Cleo (vulnerability)
  • Moveit (vulnerability)
  • Cleo File-transfer Software (platform)
  • MOVEit File Transfer Software (platform)
  • Progress ShareFile (platform)
  • Progress ShareFile Storage Zone Controller (platform)
  • ShareFile (platform)
  • Clop (ransomware_group)
  • Clop Ransomware Group (ransomware_group)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed