3 matches found
CVE-2025-41086 Authorization bypass in GAMS from GAMS Development Corp.
Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...
CVE-2025-10035
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...
Vulnerability fixed in Fortra's GoAnywhere MFT
Fortra has fixed a vulnerability in GoAnywhere MFT License Servlet Specifically. The vulnerability is in the deserialization of a controlled object within the License Servlet. An attacker could use a forged license response signature to perform command injection, which could lead to unauthorized...