{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2701", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "state": "PUBLISHED", "assignerShortName": "ProgressSoftware", "dateReserved": "2026-02-18T17:20:44.202Z", "datePublished": "2026-04-02T13:04:38.554Z", "dateUpdated": "2026-04-03T03:55:26.174Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2026-04-02T13:04:38.554Z"}, "title": "RCE vulnerability in Progress ShareFile Storage Zones Controller (SZC)", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type", "type": "CWE"}, {"lang": "en", "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}, {"lang": "en", "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}], "impacts": [{"descriptions": [{"lang": "en", "value": "This vulnerability allows an authenticated user to upload a malicious file to the server and execute it, potentially leading to remote code execution."}]}], "affected": [{"vendor": "Progress", "product": "ShareFile Storage Zones Controller", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "5.12.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution."}]}], "references": [{"url": "https://docs.sharefile.com/en-us/storage-zones-controller/5-0/security-vulnerability-feb26", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "CRITICAL", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}}], "workarounds": [{"lang": "en", "value": "Reset the secret and password using custom tool provided by ShareFile", "supportingMedia": [{"type": "text", "base64": false, "value": "Reset the secret and password using custom tool provided by ShareFile"}]}], "credits": [{"lang": "en", "value": "Piotr Bazydlo of watchTowr", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-2701"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T03:55:26.174Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2701", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-02T13:48:38.846207Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T13:48:41.958Z"}}], "cna": {"title": "RCE vulnerability in Progress ShareFile Storage Zones Controller (SZC)", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Piotr Bazydlo of watchTowr"}], "impacts": [{"descriptions": [{"lang": "en", "value": "This vulnerability allows an authenticated user to upload a malicious file to the server and execute it, potentially leading to remote code execution."}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Progress", "product": "ShareFile Storage Zones Controller", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "5.12.3"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://docs.sharefile.com/en-us/storage-zones-controller/5-0/security-vulnerability-feb26", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "Reset the secret and password using custom tool provided by ShareFile", "supportingMedia": [{"type": "text", "value": "Reset the secret and password using custom tool provided by ShareFile", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.", "supportingMedia": [{"type": "text/html", "value": "Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type"}, {"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}, {"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2026-04-02T13:04:38.554Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2701", "state": "PUBLISHED", "dateUpdated": "2026-04-03T03:55:26.174Z", "dateReserved": "2026-02-18T17:20:44.202Z", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "datePublished": "2026-04-02T13:04:38.554Z", "assignerShortName": "ProgressSoftware"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:progress:sharefile_storage_zones_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E529EF7-C595-44DE-AC65-65823643EBCD", "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution."}], "id": "CVE-2026-2701", "lastModified": "2026-04-21T00:28:12.500", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security@progress.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-02T14:16:27.917", "references": [{"source": "security@progress.com", "tags": ["Vendor Advisory"], "url": "https://docs.sharefile.com/en-us/storage-zones-controller/5-0/security-vulnerability-feb26"}], "sourceIdentifier": "security@progress.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}, {"lang": "en", "value": "CWE-94"}, {"lang": "en", "value": "CWE-434"}], "source": "security@progress.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.12.3]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "sharefile_storage_zones_controller", "vendor": "progress"}], "analysis": {"en": {"generated_at": "2026-04-02T15:07:29.000889+00:00", "value": {"mitigation_remediation": ["Reset the secret and password using the custom ShareFile tool", "Review and restrict user roles to limit file upload permissions to only those who need them", "Apply any vendor patch or upgrade for the ShareFile Storage Zones Controller as soon as it is released", "Continuously monitor system logs for suspicious file upload or execution activity"], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected product is Progress ShareFile Storage Zones Controller. Specific version information is not disclosed, so all deployed instances of this product may be vulnerable unless they have been patched recently. Users with upload privileges in the system are the ones who can exploit this flaw.", "description_and_impact": "This vulnerability allows an authenticated user to upload a malicious file to the Progress ShareFile Storage Zones Controller and execute it, resulting in remote code execution. The flaw arises from insufficient validation of uploaded content, permitting arbitrary code to run on the server. Attackers can compromise the confidentiality, integrity, and availability of the affected system and potentially gain full control of the underlying host.", "risk_and_exploitability": "The CVSS score of 9.1 indicates a critical level of severity. While an EPSS score is not available, the vulnerability remains significant. The information does not list it in the CISA KEV catalog, but the impact is severe. The likely attack vector is through an authenticated user who is permitted to upload files, indicating that internal or compromised accounts could be used to trigger the exploit. No additional conditions are specified, so the exploit appears straightforward once an authenticated session is established."}}}}, "created": "2026-04-02T20:12:36.002421+00:00", "updated": "2026-04-02T20:21:16.097919+00:00", "vendors": ["progress", "progress$PRODUCT$sharefile_storage_zones_controller"]}