Lucene search

K
githubexploitE7CD52DA-0A25-5F9A-959E-BD474E2726E2
HistoryFeb 10, 2023 - 1:02 p.m.

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere Managed File Transfer

2023-02-1013:02:55
399
goanywhere mft
command injection
license response
pre-authentication
arbitrary object
cve-2023-0669
ysoserial
java version
encrypt
payload.

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.969

Percentile

99.7%

CVE-2023-0669

> GoAnywhere MFT suffers from a pre-authenticati…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.969

Percentile

99.7%