Copyright ©
Assetnote Pty.Ltd.
Jul 4, 2023
An unauthenticated attacker can upload arbitrary files leading to remote code execution. A cryptographic flaw, coupled with a path traversal vulnerability enable the attacker to upload files to the webroot via the /documentum/upload.aspx page.
An attacker can upload a web shell to the ShareFile system and execute arbitrary commands. After gaining RCE, it may be possible to laterally escalate privileges on the network.
The following versions are affected by this vulnerability:
ShareFile is cloud-based file sharing and collaboration application. The ShareFile Storage Zones Controller provides the customer with the ability to store files in their own data center as opposed to the ShareFile cloud.
Upgrade to the latest version of ShareFile Storage Zones Controller. > 5.11.24.
Citrix’s official advisory can be found here.
The blog post detailing the steps taken for the discovery of this vulnerability can be found here.
Assetnote Security Research Team
Find out how Assetnote can help you lock down your external attack surface.
Use the lead form below, or alternatively contact us via email by clicking here.