← back
CVE-2026-2701

RCE vulnerability in Progress ShareFile Storage Zones Controller (SZC)

CVSS 9.1 CRITICALEPSS 48.8%CWE-434CWE-78CWE-94
Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected products
Progress · ShareFile Storage Zones Controller

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.sharefile.com/en-us/storage-zones-controller/5-0/security-vulnerability-feb26