The fest of vulnerabilities in enterprise software continues with an auth bypass flaw in Fortra’s GoAnywhere MFT. Rated at CVSS 9.8, this flaw allows an adversary to create an administrator account without gaining any access to the system. Fortra recommends updating the MFT solution to the versions beyond the ones susceptible to the flaw. GoAnywhere… Continue reading GoAnywhere MFT Auth Bypass Vulnerability Discovered
Tag: GoAnywhere MFT
Clop Operators Claim to Hack 130 Organizations Using GoAnywhere MFT Bug
Clop ransomware operators claim to be behind recent attacks on a 0-day vulnerability in the GoAnywhere MFT secure file transfer tool. Hackers claim that thanks to this bug they stole the data of 130 organizations. We also reported that Exploits for Vulnerabilities in Three Popular WordPress Plugins Appeared on the Network. As a reminder, GoAnywhere… Continue reading Clop Operators Claim to Hack 130 Organizations Using GoAnywhere MFT Bug
Hackers Published an Exploit for a Dangerous Vulnerability in GoAnywhere MFT
Hackers published on the network an exploit for a zero-day vulnerability that is actively used in the GoAnywhere MFT administration console. Fortra, the company behind the GoAnywhere MFT, was forced to release an emergency patch to fix this bug. Let me remind you that we also reported that Exploits for Vulnerabilities in Three Popular WordPress… Continue reading Hackers Published an Exploit for a Dangerous Vulnerability in GoAnywhere MFT