CVE-2026-2699
Unauthorized Access in ShareFile SZC Enables Remote Code Execution
Publication date: 2026-04-02
Last updated on: 2026-04-21
Assigner: Progress Software Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| progress | sharefile_storage_zones_controller | From 5.0.0 (inc) to 5.12.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-698 | The web application sends a redirect to another location, but instead of exiting, it executes additional code. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2699 is a critical security vulnerability in Progress ShareFile Storage Zones Controller version 5.x that allows an unauthenticated remote attacker to access restricted configuration pages.
This unauthorized access can lead to changes in system configuration and potentially enable remote code execution, which means the attacker could run arbitrary code on the affected system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how CVE-2026-2699 affects compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability impact me? :
The vulnerability can have severe impacts including unauthorized modification of system configurations and the possibility of remote code execution.
- An attacker could gain control over the system by changing configurations without authentication.
- Remote code execution could allow the attacker to execute malicious code, potentially leading to data breaches, system compromise, or service disruption.
Because the vulnerability requires no authentication and has a high CVSS score of 9.8, it represents a critical risk to affected environments.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a GET request to the endpoint /ConfigService/Admin.aspx on the ShareFile Storage Zones Controller instance.
If the HTTP response status code is anything other than 403, it indicates probable vulnerability. A 403 status code suggests the instance is probably not vulnerable.
A detection tool is available that automates this check by analyzing the HTTP response status code.
- Example command using curl: curl -i http://<target-host>/ConfigService/Admin.aspx
- Check the HTTP response status code from the above command; a code other than 403 indicates potential vulnerability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, it is strongly advised to upgrade the ShareFile Storage Zones Controller to version 5.12.4 or later.
Alternatively, upgrading to any version in the 6.x series is recommended, as these versions are not affected by this vulnerability.
Unsupported versions should be upgraded to a supported fixed release to ensure security.
Customers with active maintenance and warranty can seek technical support for upgrading.