Lucene search
+L

219 matches found

Prion
Prion
added 2024/01/22 6:15 p.m.23 views

Authentication flaw

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...

7.5CVSS7AI score0.95086EPSS
Exploits8References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/22 6:5 p.m.6 views

CVE-2024-0204 Authentication Bypass in GoAnywhere MFT

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...

9.8CVSS7.1AI score0.95086EPSS
Exploits8References4
Cvelist
Cvelist
added 2024/01/22 6:5 p.m.53 views

CVE-2024-0204 Authentication Bypass in GoAnywhere MFT

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...

9.8CVSS9.6AI score0.95086EPSS
Exploits8References4
CVE
CVE
added 2024/01/22 6:5 p.m.165 views

CVE-2024-0204

CVE-2024-0204 is a critical authentication-bypass vulnerability in Fortra GoAnywhere MFT prior to 7.4.1. An unauthenticated attacker can trigger a path traversal against the InitialAccountSetup.xhtml endpoint, bypass security filters, and create a new administrator account in the GoAnywhere admin...

9.8CVSS9.2AI score0.95086EPSS
In wildExploits8References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/22 12:0 a.m.7 views

PT-2024-1259

Name of the Vulnerable Software and Affected Versions Fortra GoAnywhere MFT versions prior to 7.4.1 Description A critical authentication bypass issue exists in Fortra’s GoAnywhere MFT software prior to version 7.4.1. This flaw allows an unauthorized user to create an administrator account throug...

9.8CVSS7.6AI score0.95086EPSS
Exploits8References176
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.17 views

Fortra GoAnywhere MFT Security Vulnerability

Fortra GoAnywhere MFT is a secure file transfer solution from Fortra USA. A security vulnerability exists in Fortra GoAnywhere MFT versions prior to 7.4.1. An attacker exploited the vulnerability to bypass authentication in order to create an administrator user through the management portal...

9.8CVSS6.9AI score0.95086EPSS
Exploits8References6
Malwarebytes
Malwarebytes
added 2023/06/06 1:0 a.m.381 views

Cl0p ransomware gang claims first victims of the MOVEit vulnerability

On Friday June 2, 2023 we reported about a MOVEit Transfer vulnerability that was actively being exploited. If your organization uses MOVEit Transfer and you havent patched yet, it really is time to move it. Excuse the bad pun, but yesterday we saw the first victims of this vulnerability come...

7.5CVSS8.2AI score0.99934EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.16 views

Fortra GoAnywhere MFT < 7.1.2 Remote Code Execution

Fortra GoAnywhere MFT is a Managed File Transfer MFT solution helping organizations build both internal and external data transfer exchanges. GoAnyWhere MFT versions before 7.1.2 suffer from a deserialization vulnerability in the LicenseResponse servlet. By crafting a specific serialized object, ...

7.2CVSS8.3AI score0.99999EPSS
Exploits12References3
The Hacker News
The Hacker News
added 2023/04/27 8:20 a.m.83 views

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the...

9.8CVSS8.9AI score0.99999EPSS
Exploits37
The Hacker News
The Hacker News
added 2023/04/27 8:20 a.m.4 views

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the...

8.8CVSS8.2AI score0.99999EPSS
Exploits13
The Hacker News
The Hacker News
added 2023/04/20 11:22 a.m.135 views

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution RCE vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 CVSS score: 7.2, concerns a...

7.2CVSS7.8AI score0.99999EPSS
Exploits12
The Hacker News
The Hacker News
added 2023/04/20 11:22 a.m.5 views

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution RCE vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 CVSS score: 7.2, concerns a...

7.2CVSS8.4AI score0.99999EPSS
Exploits12
Malwarebytes
Malwarebytes
added 2023/04/13 1:30 p.m.43 views

Ransomware review: April 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/10 12:0 a.m.302 views

Goanywhere Encryption Helper 7.1.1 Remote Code Execution

// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Date: 3/26/2023 // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link:...

7.2CVSS7.2AI score0.99999EPSS
Exploits12
0day.today
0day.today
added 2023/04/08 12:0 a.m.220 views

Goanywhere Encryption helper 7.1.1 - Remote Code Execution Exploit

// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link: https://www.dropbox.com/s/j31l8lgvapbopy3/ga703linuxx64.sh?dl=0 // Version: 7.1...

7.2CVSS7.3AI score0.99999EPSS
Exploits12
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.330 views

Goanywhere Encryption helper 7.1.1 - Remote Code Execution (RCE)

// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Date: 3/26/2023 // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link:...

7.2CVSS7.4AI score0.99999EPSS
Exploits12
GithubExploit
GithubExploit
added 2023/04/06 3:40 a.m.488 views

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere_Managed_File_Transfer

This exploit is a Python script designed to exploit the CVE-2023...

7.2CVSS7.8AI score0.99999EPSS
Exploits12
Schneier on Security
Schneier on Security
added 2023/03/23 11:5 a.m.18 views

Mass Ransomware Attack

A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However,...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/17 4:30 p.m.78 views

Rubrik is latest victim of the Clop ransomware zero-day campaign

Rubrik, a cybersecurity company specializing in cloud data management, has revealed that some of its systems were infiltrated by the Clop ransomware group. Rubrik is one of many companies attacked by Clop via an infamous zero-day vulnerability in the GoAnywhere file transfer software. The attack...

7.5AI score0.99999EPSS
Exploits12
Malwarebytes
Malwarebytes
added 2023/03/14 4:0 a.m.52 views

Clop ransomware is victimizing GoAnywhere MFT customers

According to information gathered by BleepingComputer, the Clop ransomware group has claimed responsibility for the ransomware attacks that are tied to a vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution. As we reported on February 8, Fortra released an emergency patch 7.1.2...

7.9AI score0.99999EPSS
Exploits12
Rows per page
Query Builder