ShareFile Flaws Enable Unauthenticated Remote Code Execution

ShareFile Flaws Enable Unauthenticated Remote Code Execution

Posted on By CWS

Critical vulnerabilities have been identified in the ShareFile platform, a popular tool for content collaboration and file-sharing. These weaknesses, if exploited together, can lead to unauthenticated remote code execution (RCE), according to cybersecurity experts at WatchTowr.

Details of the Vulnerabilities

The first vulnerability, labeled CVE-2026-2699 and carrying a CVSS score of 9.8, permits attackers to access restricted configuration pages without authentication. This flaw, described as an Execution After Redirect (EAR) issue, was discovered when attempts were made to reach an administrative endpoint via a web browser.

Though the browser redirected to a login page meant to be local-only, the HTTP header revealed more information than anticipated. By altering the HTTP response and omitting the Location header, WatchTowr gained unauthorized entry to the admin page for Storage Zone settings.

Implications of the Security Flaws

This access enabled WatchTowr to manipulate Storage Zone parameters, including the ShareFile passphrase, and connect a victim’s Storage Zone Controller to a malicious Zone without authentication. This manipulation could redirect the victim’s file repository to an external AWS S3 Bucket controlled by the attacker, facilitating the exfiltration of sensitive data.

Furthermore, attackers could misuse administrative access to change the file storage location to insecure areas, such as the application’s webroot directory, posing significant security threats.

Exploitation and Resolution

While investigating, WatchTowr also uncovered CVE-2026-2701, an arbitrary file upload vulnerability with a CVSS score of 9.1. This flaw allows attackers to upload a web shell, achieving RCE. By combining these vulnerabilities, attackers could execute RCE on ShareFile instances without needing authentication.

These security issues were reported to ShareFile in early February and have since been resolved in version 5.12.4. It is important to note that ShareFile versions 6.x are not impacted by these vulnerabilities.

The discovery underscores the importance of timely updates and patches to safeguard against potential cyber threats.

Security Week News Tags:, , , , , , , , , , , ,

Related Posts

Critical Vulnerabilities Found in Intel’s TDX by Google Critical Vulnerabilities Found in Intel’s TDX by Google Security Week News
Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security Security Week News
Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada Security Week News
Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People Security Week News
MainStreet Bank Data Breach Impacts Customer Payment Cards  MainStreet Bank Data Breach Impacts Customer Payment Cards  Security Week News
Microsoft Enhances Windows Security with New Safeguards Microsoft Enhances Windows Security with New Safeguards Security Week News