Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin

By Newsroom

A critical security flaw has been disclosed in Fortra's GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user. Tracked as CVE-2024-0204, the issue carries a CVSS score of 9.8 out of 10. "Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal," Fortra&

Related tags
January 24^th 2024 at 05:32

The Hacker News
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
April 20^th 2023 at 11:22

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks

By Ravie Lakshmanan

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 (CVSS score: 7.2), concerns a case of pre-authenticated command injection that could be abused to achieve code execution. The

Related tags
April 20^th 2023 at 11:22