Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Goanywhere Managed File Transfer Security Vulnerabilities

cve
cve

CVE-2023-0669

Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.

7.2CVSS

7.2AI Score

0.971EPSS

2023-02-06 08:15 PM
714
In Wild
2
cve
cve

CVE-2024-0204

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.

9.8CVSS

9.2AI Score

0.584EPSS

2024-01-22 06:15 PM
85
cve
cve

CVE-2024-25157

An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.

6.5CVSS

6.4AI Score

0.001EPSS

2024-08-14 03:15 PM
22