Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

sharefile_storage_zones_controller

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2026-2701
Assigner-Progress Software Corporation
ShareView Details
Assigner-Progress Software Corporation
CVSS Score-9.1||CRITICAL
EPSS-1.17% / 79.14%
||
7 Day CHG+0.16%
Published-02 Apr, 2026 | 13:04
Updated-21 Apr, 2026 | 00:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RCE vulnerability in Progress ShareFile Storage Zones Controller (SZC)

Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.

Action-Not Available
Vendor-Progress Software Corporation
Product-sharefile_storage_zones_controllerShareFile Storage Zones Controller
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-2699
Assigner-Progress Software Corporation
ShareView Details
Assigner-Progress Software Corporation
CVSS Score-9.8||CRITICAL
EPSS-32.03% / 96.95%
||
7 Day CHG+0.86%
Published-02 Apr, 2026 | 13:04
Updated-21 Apr, 2026 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EAR vulnerability in Progress ShareFile Storage Zones Controller (SZC)

Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.

Action-Not Available
Vendor-Progress Software Corporation
Product-sharefile_storage_zones_controllerShareFile Storage Zones Controller
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-698
Execution After Redirect (EAR)
CVE-2023-24489
Assigner-Citrix Systems, Inc.
ShareView Details
Assigner-Citrix Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-94.39% / 99.97%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 21:11
Updated-26 Feb, 2026 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-09-06||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)
Product-sharefile_storage_zones_controllerCitrix ShareFile Storage Zones ControllerContent Collaboration
CWE ID-CWE-284
Improper Access Control