all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Vulnerability

Add to bookmarks
Jan. 24, 2024, 3:25 a.m. | Satnam Narang

Cyber Exposure Alerts www.tenable.com

Proof-of-concept exploit details are available for a newly disclosed critical vulnerability in Fortra GoAnywhere Managed File Transfer (MFT), a product historically targeted by ransomware

Background

On January 22, Fortra (formerly HelpSystems) published a security advisory (FI-2024-001) for a critical vulnerability in GoAnywhere, its managed file transfer (MFT) software.

CVEDescriptionCVSSv3CVE-2024-0204Fortra GoAnywhere MFT Authentication Bypass Vulnerability9.8

According to the advisory, it was discovered on December 1, 2023. Its discovery is credited to security researchers Mohammed Eldeeb and Islam …

advisory authentication authentication bypass bypass bypass vulnerability concept critical critical vulnerability cve exploit file file transfer fortra fortra goanywhere goanywhere goanywhere mft helpsystems january managed managed file transfer mft product proof proof-of-concept security security advisory software transfer vulnerability

Visit resource

More from www.tenable.com / Cyber Exposure Alerts

CVE-2024-4577: Proof of Concept Available for PHP-CGI Argument Injection Vulnerability 2 days, 2 hours ago | www.tenable.com
Rockwell Automation: Disconnect OT Devices with Public-Facing Internet Access, Patch or Mitigate Logix, FactoryTalk CVEs 3 days, 21 hours ago | www.tenable.com
access advisory automation best practices +22
CVE-2024-4358, CVE-2024-1800: Exploit Code Available for Critical Exploit Chain in Progress Telerik Report Server 5 days, 7 hours ago | www.tenable.com
These Services Shall Not Pass: Abusing Service Tags to Bypass Azure Firewall Rules (Customer Action … 6 days, 6 hours ago | www.tenable.com
abusing action attention azure +16
CVE-2024-24919: Check Point Security Gateway Information Disclosure Zero-Day Exploited in the Wild 1 week, 4 days ago | www.tenable.com
Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040) 3 weeks, 5 days ago | www.tenable.com
addresses critical critical vulnerability cve +15
CVE-2024-21793, CVE-2024-26026: Proof of Concept Available for F5 BIG-IP Next Central Manager Vulnerabilities 1 month ago | www.tenable.com
big big-ip big-ip next central manager centralized management +18
CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor 1 month, 2 weeks ago | www.tenable.com
adaptive security arcanedoor blog called +15
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited 1 month, 2 weeks ago | www.tenable.com
advisory april crushftp customers +23

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com