How severe is CVE-2025-0049?

CVE-2025-0049 has a CVSS v3 score of 3.5 (LOW).

CVE-2025-0049

Name: goanywhere_managed_file_transfer
Author: fortra

3.5LOW

When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for applicati

Опубликовано: 4/28/2025Обновлено: 5/10/2025

Описание

When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0.

ИИ-АнализНа базе ИИ

Затронутые продукты

fortragoanywhere_managed_file_transfer

Ссылки

https://www.fortra.com/security/advisories/product-security/fi-2025-004
Vendor Advisory