18 matches found
📄 Fortra GoAnywhere MFT 7.4.1 Authentication Bypass
Fortra GoAnywhere MFT version 7.4.1 proof of concept authentication bypass exploit. !/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass Date: 2025-05-25 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/ibrahimsql Vend...
Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass Date: 2025-05-25 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/ibrahimsql Vendor Homepage: https://www.fortra.com/products/secure-file-transfer/goanywhere-mft...
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
Metasploit Weekly Wrap-Up 02/09/2024
Go go gadget Fortra GoAnywhere MFT Module This Metasploit release contains a module for one of 2024's hottest vulnerabilities to date: CVE-2024-0204. The path traversal vulnerability in Fortra GoAnywhere MFT allows for unauthenticated attackers to access the InitialAccountSetup.xhtml endpoint whi...
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
This module exploits a vulnerability in Fortra GoAnywhere MFT that allows an unauthenticated attacker to create a new administrator account. This can be leveraged to upload a JSP payload and achieve RCE. GoAnywhere MFT versions 6.x from 6.0.1, and 7.x before 7.4.1 are vulnerable. Module Options m...
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a vulnerability in Fortra GoAnywhere MFT th...
Imperva customers are protected against the recent GoAnywhere MFT vulnerability CVE-2024-0204
Recently, Fortra released a security advisory for CVE-2024-0204, a GoAnywhere MFT authentication bypass vulnerability. This bug allows an unauthenticated attacker to create an administrative user by exploiting an InitialAccountSetup.xhtml endpoint–accessible via path traversal–to initiate the...
Patch now! Fortra GoAnywhere MFT vulnerability exploit available
On January 22, 2024, software company Fortra warned customers about a new authentication bypass vulnerability impacting GoAnywhere MFT Managed File Transfer that allows an attacker to create a new admin user. Fortra GoAnywhere MFT is a file transfer solution that organizations use to exchange the...
VulnCheck KEV: CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Dee...
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin
A critical security flaw has been disclosed in Fortra's GoAnywhere Managed File Transfer MFT software that could be abused to create a new administrator user. Tracked as CVE-2024-0204, the issue carries a CVSS score of 9.8 out of 10. "Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4....
Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.1 Authentication Bypass (CVE-2024-0204)
Binary data fortragoanywheremftCVE-2024-0204.nbin...
Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.1 Authentication Bypass (CVE-2024-0204)
According to its self-reported version, the instance of Fortra GoAnywhere Managed File Transfer MFT running on the remote web server is 7.4.1. It is, therefore, affected by an authentication bypass vulnerability. This can allow an unauthenticated attacker to create an admin user via the...
CVE-2024-0204
creationtimestamp| type| source ---|---|--- 2024-01-22 19:22:23+00:00| seen| https://t.me/ctinow/171373 2024-01-23 22:49:18+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6481 2024-01-23 23:21:24+00:00| published-proof-of-concept| https://t.me/ctinow/172392 2024-01-24 03:16:10+00:0...
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
CVE-2024-0204
CVE-2024-0204 is a critical authentication-bypass vulnerability in Fortra GoAnywhere MFT prior to 7.4.1. An unauthenticated attacker can trigger a path traversal against the InitialAccountSetup.xhtml endpoint, bypass security filters, and create a new administrator account in the GoAnywhere admin...