CVE-2026-2701: sharefile storage zones controller vulnerability

Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.
CVE-2026-2701CVSS 9.1General

CVE-2026-2701: sharefile storage zones controller vulnerability

Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.

CVSS
9.1 CRITICAL
EPSS
98.73%
Known exploited
not in KEV
Product
sharefile storage zones controller

What is known

Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.

Sources