# CVE-2026-2701

> Remote code execution in Progress ShareFile Storage Zones Controller (SZC) 5.x via arbitrary file upload and execution. After exploiting CVE-2026-2699 for admin access, an attacker modifies the Network Share Location to the IIS webroot and uploads a ZIP archive containing a malicious ASPX webshell via /upload.aspx with unzip=true, achieving code execution on the server.

- **CVSS:** 9.1 (CRITICAL)
- **EPSS:** 0.3%
- **CWE:** CWE-78, CWE-94, CWE-434

Canonical: https://intel.threadlinqs.com/cve/CVE-2026-2701
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp