CVE-2021-46830: Path Traversal
First published: Wed Jul 27 2022(Updated: )
A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Helpsystems Goanywhere Managed File Transfer | <6.8.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-46830.
What software is affected by this vulnerability?
GoAnywhere MFT before 6.8.3 is affected by this vulnerability.
What is the severity of CVE-2021-46830?
CVE-2021-46830 has a severity rating of medium (6.5).
How does this vulnerability work?
This vulnerability allows an external user who self-registers with a specific username and/or profile information to gain unauthorized access to files at a higher level.
How can I fix this vulnerability?
To fix this vulnerability, it is recommended to upgrade to GoAnywhere MFT version 6.8.3 or later.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/references
- agent/severity
- agent/author
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/helpsystems
- canonical/helpsystems goanywhere managed file transfer