PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)
2024-01-24 13:22

Proof-of-concept exploit code for a critical vulnerability in Fortra's GoAnywhere MFT solution has been made public, sparking fears that attackers may soon take advantage of it.

CVE-2024-0204 was privately reported by Mohammed Eldeeb and Islam Elrfai of Spark Engineering Consultants in early December 2023, and Fortra's GoAnywhere MFT customers got an advance warning with instructions on how to remediate the vulnerability.

On Monday, January 22, Fortra finally released a publicly accessible security advisory documenting the existence of the vulnerability, now officially identified via a CVE number.

Ai researchers published a technical analysis of the vulnerability and a PoC script that exploits CVE-2024-0204 to add an administrative user to a vulnerable Fortra GoAnywhere MFT installation.

The Shodan search engine currently sees 1,800+ internet-exposed Fortra GoAnywhere MFT admin portals.

While the hope is that affected customers have already upgraded their installations, organizations have historically been slow to patch GoAnywhere MFT even when a vulnerability was under active exploitation for months.


News URL

https://www.helpnetsecurity.com/2024/01/24/poc-cve-2024-0204/

Related Vulnerability

Date: 2024-01-22
CVE: CVE-2024-0204
Vulnerability title: Forced Browsing vulnerability in Fortra Goanywhere Managed File Transfer
Description: Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Attack vector: network
Attack complexity: low complexity
Vendor: fortra
CWE: CWE-425
Risk: critical (9.8)

Related vendor

Vendor: Fortra
Products: 5
Low: 0
Medium: 3
High: 2
Critical: 3
Total vulns: 8