EDB-52308
remotemultiple
Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
CVE-2024-0204
İbrahimsql5/29/2025
CVE-2024-0204
9.8CRITICALAuthentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Published: 1/22/2024Updated: 11/21/2024
Description
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
AI AnalysisPowered by AI
Affected Products
fortragoanywhere_managed_file_transfer
fortragoanywhere_managed_file_transfer
6.0.0
Available Exploits (1)
References
- http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.htmlThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/176974/Fortra-GoAnywhere-MFT-Unauthenticated-Remote-Code-Execution.html
- https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtmlPermissions Required
- https://www.fortra.com/security/advisory/fi-2024-001Vendor Advisory
- http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.htmlThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/176974/Fortra-GoAnywhere-MFT-Unauthenticated-Remote-Code-Execution.html
- https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtmlPermissions Required
- https://www.fortra.com/security/advisory/fi-2024-001Vendor Advisory