Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.
Articles & Coverage 2
AnalysisAI
Remote code execution in Progress ShareFile Storage Zones Controller versions up to 5.12.3 allows high-privileged authenticated users to upload and execute malicious files on the server. The CVSS 9.1 score reflects scope change and total system compromise. Publicly available exploit code exists (confirmed by Italian CERT), though EPSS probability remains low at 0.19% and no active exploitation is confirmed by CISA KEV. Real-world risk depends heavily on authentication controls and privileged account management in ShareFile deployments.
Technical ContextAI
ShareFile Storage Zones Controller is Progress Software's on-premises storage solution for ShareFile cloud file sharing service. This vulnerability stems from CWE-434 (Unrestricted Upload of File with Dangerous Type), indicating insufficient validation of uploaded file types, extensions, or content before server-side execution. The affected component (CPE: cpe:2.3:a:progress:sharefile_storage_zones_controller) processes authenticated file uploads without adequate sandboxing or execution prevention. The CVSS vector's scope change (S:C) suggests the vulnerable upload mechanism can break out of its security context, potentially compromising the underlying server operating system or adjacent components beyond the ShareFile application itself.
RemediationAI
Upgrade to Progress ShareFile Storage Zones Controller version 5.12.4 or later, which contains vendor-released patches addressing the unrestricted file upload vulnerability (exact fix version inferred from 5.12.3 maximum affected version but not independently confirmed in provided data - verify with vendor advisory at https://docs.sharefile.com/en-us/storage-zones-controller/5-0/security-vulnerability-feb26). Until patching is complete, implement compensating controls: (1) restrict Storage Zones Controller administrative access to jump hosts with multi-factor authentication and session recording to detect malicious uploads; (2) enable file integrity monitoring on server executable directories to alert on unauthorized file creation; (3) implement application whitelisting on Storage Zones Controller servers to prevent execution of unapproved binaries, though this may interfere with legitimate administrative tasks requiring testing; (4) review and rotate all high-privilege ShareFile administrative credentials to mitigate potential prior compromise. Network segmentation isolating Storage Zones Controller from internal networks limits post-exploitation lateral movement but does not prevent initial code execution. Organizations using cloud-only ShareFile deployments should verify with Progress whether Storage Zones Controller is deployed in their environment.
Unauthenticated remote code execution affects Progress ShareFile Storage Zones Controller versions up to 5.12.3 via unau
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, coul
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18220