CIS Advisories

Multiple Vulnerabilities in Progress ShareFile Could Allow for Remote Code Execution

2026-04-02 · Read original ↗

ATT&CK techniques detected

2 predictions

T1190Exploit Public-Facing Application

99%

“12. 4 risk : government : businesses : home users : technical summary : multiple vulnerabilities have been discovered in progress sharefile, which when chained together, could allow for remote code execution. details of the vulnerabilities are as follows : tactic : initial access…”

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1078.001Default Accounts

88%

“. - safeguard 18. 2 : perform periodic external penetration tests : perform periodic external penetration tests based on program requirements, no less than annually. external penetration testing must include enterprise and environmental reconnaissance to detect exploitable inform…”

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

Summary

Multiple vulnerabilities have been discovered in Progress ShareFile, which when chained together, could allow for remote code execution. Progress ShareFile is a secure, cloud-based content collaboration and file-sharing platform. It enables businesses to securely exchange documents, manage client workflows, and obtain electronic signatures, with a focus on compliance for industries like finance and healthcare. Successful exploitation of the vulnerabilities when chained together could allow attackers to abuse the file upload and extraction functionality to place malicious ASPX webshells in the application’s webroot.