Critical Vulnerabilities in Progress ShareFile Enable Unauthenticated File Exfiltration

Critical Vulnerabilities in Progress ShareFile Enable Unauthenticated File Exfiltration

First seen 3 Apr 2026, 00:30 UTC BleepingcomputerCisecurityGbhackersScworldCybersecuritydive+2 83% similarity 72.0

Article Content

Browse articles
ThreatCluster

Two critical vulnerabilities, CVE-2026-2699 and CVE-2026-2701, have been identified in Progress ShareFile's Storage Zones Controller, allowing unauthenticated attackers to perform remote code execution and potentially exfiltrate files. The vulnerabilities can be chained, starting with an authentication bypass that grants access to the admin interface, followed by remote code execution through file upload functionality. Approximately 30,000 instances of Progress ShareFile are exposed on the internet, with around 700 identified by the ShadowServer Foundation. Progress has released a patch in version 5.12.4 on March 10, 2026, addressing these vulnerabilities. No active exploitation has been reported yet, but the public disclosure raises concerns about potential attacks. Organizations using affected versions are urged to apply the patch immediately to mitigate risks.

Key Points: • Two critical vulnerabilities in Progress ShareFile allow unauthenticated file exfiltration. • Approximately 30,000 instances of ShareFile are exposed to the public internet. • Organizations are urged to patch immediately following the release of version 5.12.4.

ThreatCluster AI

Timeline

2026-02-06
Vulnerabilities reported to Progress by watchTowr
2026-02-18
Full exploit chain confirmed for Progress ShareFile 5.12.4
2026-03-10
Patch released in Progress ShareFile version 5.12.4
2026-04-02
CVE-2026-2699 and CVE-2026-2701 published
2026-04-03
Articles published detailing vulnerabilities and risks

Community

Browse all →