Research Notes
July 4, 2023

Advisory: ShareFile Pre-Auth RCE (CVE-2023-24489)

No items found.
Creative Commons license


An unauthenticated attacker can upload arbitrary files leading to remote code execution. A cryptographic flaw, coupled with a path traversal vulnerability enable the attacker to upload files to the webroot via the <span class="code_single-line">/documentum/upload.aspx</span> page.


An attacker can upload a web shell to the ShareFile system and execute arbitrary commands. After gaining RCE, it may be possible to laterally escalate privileges on the network.

Affected Software

The following versions are affected by this vulnerability:

  • ShareFile Storage Zones Controller < 5.11.24

Product Description

ShareFile is cloud-based file sharing and collaboration application. The ShareFile Storage Zones Controller provides the customer with the ability to store files in their own data center as opposed to the ShareFile cloud.


Upgrade to the latest version of ShareFile Storage Zones Controller. > 5.11.24.

Citrix’s official advisory can be found here.

Blog Post

The blog post detailing the steps taken for the discovery of this vulnerability can be found here.


Assetnote Security Research Team

Written by:
Dylan Pindur
Your subscription could not be saved. Please try again.
Your subscription has been successful.

Get updates on our research

Subscribe to our newsletter and stay updated on the newest research, security advisories, and more!

Ready to get started?

Get on a call with our team and learn how Assetnote can change the way you secure your attack surface. We'll set you up with a trial instance so you can see the impact for yourself.