漏洞描述
Fortra GoAnywhere MFT存在身份认证绕过漏洞,此漏洞是由于应用程序对URI中的恶意字符验证不足导致的。
Fortra GoAnywhere MFT 身份认证绕过漏洞
PoC代码
暂无相关漏洞推荐
- Fortra GoAnywhere MFT 未授权 反序列化漏洞 可导致命令注入
- (CVE-2025-10035)Fortra GoAnywhere MFT License Servlet反序列化漏洞可能导致命令注入
- POC CVE-2023-0669: Fortra GoAnywhere MFT - Remote Code Execution
- POC CVE-2024-0204: Fortra GoAnywhere MFT - Authentication Bypass
- POC CVE-2024-5276: Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection
- POC CVE-2025-10035: GoAnywhere - Authentication Bypass
- POC goanywhere-mft-log4j-rce: GoAnywhere Managed File Transfer - Remote Code Execution (Apache Log4j)
- Fortra FileCatalyst Workflow CVE-2024-25153 目录遍历漏洞
- Goanywhere MFT 存在身份认证绕过漏洞
- GoAnywhere MFT InitialAccountSetup.xhtml 绕过漏洞(CVE-2024-0204)
- GoAnywhere MFT InitialAccountSetup.xhtml 权限绕过漏洞
- GoAnywhereMFT反序列化漏洞
- Goanywhere MFT lic/accept 远程代码执行漏洞