all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Fortra GoAnywhere MFT Unauthenticated Remote Code Execution

Add to bookmarks
Feb. 2, 2024, 4:05 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits a vulnerability in Fortra GoAnywhere MFT that allows an unauthenticated attacker to create a new administrator account. This can be leveraged to upload a JSP payload and achieve RCE. GoAnywhere MFT versions 6.x from 6.0.1, and 7.x before 7.4.1 are vulnerable.

account administrator attacker can code code execution exploits fortra fortra goanywhere fortra goanywhere mft goanywhere goanywhere mft jsp metasploit mft payload rce remote code remote code execution unauthenticated upload vulnerability vulnerable

Visit resource

More from packetstormsecurity.com / Packet Storm

TOR Virtual Network Tunneling Tool 0.4.8.12 2 days, 16 hours ago | packetstormsecurity.com
a network applications communication developers +21
jSQL Injection 0.98 2 days, 16 hours ago | packetstormsecurity.com
application box code database +21
Ubuntu Security Notice USN-6815-1 2 days, 16 hours ago | packetstormsecurity.com
application arbitrary code attacker code +13
Red Hat Security Advisory 2024-3708-03 2 days, 16 hours ago | packetstormsecurity.com
advisory apache boot build +15
Online Pizza Ordering System 1.0 SQL Injection 2 days, 16 hours ago | packetstormsecurity.com
injection pizza sql sql injection +5
Apache HugeGraph Remote Command Execution 2 days, 16 hours ago | packetstormsecurity.com
1.0.0 1.3.0 apache command +5
FBI Says It Has 7,000 LockBit Ransomware Decryption Keys 2 days, 16 hours ago | packetstormsecurity.com
cryptography data loss decryption decryption keys +8
Russian Hacktivists Vow Mass Attacks Against EU Elections 2 days, 16 hours ago | packetstormsecurity.com
attacks cyberwar elections hacker +3
Spam Blocklist SORBS Closed By Its Owner, Proofpoint 2 days, 16 hours ago | packetstormsecurity.com
blocklist email proofpoint spam

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com