Multiple vulnerabilities have been discovered in Progress ShareFile, which when chained together, could allow for remote code execution. Progress ShareFile is a secure, cloud-based content collaboration and file-sharing platform. It enables businesses to securely exchange documents, manage client workflows, and obtain electronic signatures, with a focus on compliance for industries like finance and healthcare. Successful exploitation of the vulnerabilities when chained together could allow attackers to abuse the file upload and extraction functionality to place malicious ASPX webshells in the application’s webroot.
–
Read More – Cyber Security Advisories – MS-ISAC