219 matches found
Authentication flaw
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
CVE-2024-0204
CVE-2024-0204 is a critical authentication-bypass vulnerability in Fortra GoAnywhere MFT prior to 7.4.1. An unauthenticated attacker can trigger a path traversal against the InitialAccountSetup.xhtml endpoint, bypass security filters, and create a new administrator account in the GoAnywhere admin...
PT-2024-1259
Name of the Vulnerable Software and Affected Versions Fortra GoAnywhere MFT versions prior to 7.4.1 Description A critical authentication bypass issue exists in Fortra’s GoAnywhere MFT software prior to version 7.4.1. This flaw allows an unauthorized user to create an administrator account throug...
Fortra GoAnywhere MFT Security Vulnerability
Fortra GoAnywhere MFT is a secure file transfer solution from Fortra USA. A security vulnerability exists in Fortra GoAnywhere MFT versions prior to 7.4.1. An attacker exploited the vulnerability to bypass authentication in order to create an administrator user through the management portal...
Cl0p ransomware gang claims first victims of the MOVEit vulnerability
On Friday June 2, 2023 we reported about a MOVEit Transfer vulnerability that was actively being exploited. If your organization uses MOVEit Transfer and you havent patched yet, it really is time to move it. Excuse the bad pun, but yesterday we saw the first victims of this vulnerability come...
Fortra GoAnywhere MFT < 7.1.2 Remote Code Execution
Fortra GoAnywhere MFT is a Managed File Transfer MFT solution helping organizations build both internal and external data transfer exchanges. GoAnyWhere MFT versions before 7.1.2 suffer from a deserialization vulnerability in the LicenseResponse servlet. By crafting a specific serialized object, ...
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the...
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the...
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution RCE vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 CVSS score: 7.2, concerns a...
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution RCE vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 CVSS score: 7.2, concerns a...
Ransomware review: April 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...
Goanywhere Encryption Helper 7.1.1 Remote Code Execution
// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Date: 3/26/2023 // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link:...
Goanywhere Encryption helper 7.1.1 - Remote Code Execution Exploit
// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link: https://www.dropbox.com/s/j31l8lgvapbopy3/ga703linuxx64.sh?dl=0 // Version: 7.1...
Goanywhere Encryption helper 7.1.1 - Remote Code Execution (RCE)
// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Date: 3/26/2023 // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link:...
Exploit for Deserialization of Untrusted Data in Fortra Goanywhere_Managed_File_Transfer
This exploit is a Python script designed to exploit the CVE-2023...
Mass Ransomware Attack
A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However,...
Rubrik is latest victim of the Clop ransomware zero-day campaign
Rubrik, a cybersecurity company specializing in cloud data management, has revealed that some of its systems were infiltrated by the Clop ransomware group. Rubrik is one of many companies attacked by Clop via an infamous zero-day vulnerability in the GoAnywhere file transfer software. The attack...
Clop ransomware is victimizing GoAnywhere MFT customers
According to information gathered by BleepingComputer, the Clop ransomware group has claimed responsibility for the ransomware attacks that are tied to a vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution. As we reported on February 8, Fortra released an emergency patch 7.1.2...