CVE-2023-0669: Fortra GoAnywhere MFT Remote Code Execution Vulnerability
First published: Mon Feb 06 2023(Updated: )
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
Credit: cve@rapid7.con cve@rapid7.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortra Goanywhere Managed File Transfer | <7.1.2 | |
| Fortra GoAnywhere MFT | ||
| Fortra GoAnywhere MFT | =7.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/171789/Goanywhere-Encryption-Helper-7.1.1-Remote-Code-Execution.html
- https://attackerkb.com/topics/mg883Nbeva/cve-2023-0669/rapid7-analysis
- https://duo.com/decipher/fortra-patches-actively-exploited-zero-day-in-goanywhere-mft
- https://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html
- https://github.com/rapid7/metasploit-framework/pull/17607
- https://infosec.exchange/@briankrebs/109795710941843934
- https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml#zerodayfeb1
- https://www.rapid7.com/blog/post/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/
- https://www.bleepingcomputer.com/news/security/fortra-warns-of-new-critical-goanywhere-mft-auth-bypass-patch-now/
- https://www.bleepingcomputer.com/news/security/exploit-released-for-fortra-goanywhere-mft-auth-bypass-bug/
- https://www.zdnet.com/article/ransomware-leak-site-reports-rose-by-49-in-2023-but-there-is-good-news/
- https://www.theregister.com/2024/05/13/cisa_ascension_ransomware/
- https://www.bleepingcomputer.com/news/security/exploit-for-critical-fortra-filecatalyst-workflow-sqli-flaw-released/
- https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a.
- https://my.goanywhere.com/webclient/DownloadProductFiles.xhtml.
- https://nvd.nist.gov/vuln/detail/CVE-2023-0669
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is CVE-2023-0669?
CVE-2023-0669 is a vulnerability in Fortra (formerly, HelpSystems) GoAnywhere MFT that allows remote code execution.
How can the Fortra GoAnywhere MFT Remote Code Execution Vulnerability be exploited?
The vulnerability can be exploited by sending a specially crafted object to the License Response Servlet.
What is the impact of CVE-2023-0669?
The vulnerability allows an attacker to execute arbitrary code on the affected system, potentially leading to complete compromise of the system.
How can I mitigate the Fortra GoAnywhere MFT Remote Code Execution Vulnerability?
Apply the latest security patches and updates provided by Fortra to fix the vulnerability.
Where can I find more information about CVE-2023-0669?
You can find more information about CVE-2023-0669 on the official CISA website and the Fortra GoAnywhere MFT product documentation.
- collector/nvd-index
- agent/type
- agent/description
- agent/remedy
- agent/weakness
- agent/title
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-0204
- alias/CVE-2023-0669
- agent/severity
- agent/softwarecombine
- collector/zdnet-article
- source/ZDNet
- alias/CVE-2023-34362
- alias/CVE-2023-35036
- alias/CVE-2023-35708
- alias/CVE-2021-21974
- zeroday/true
- agent/news-ai
- collector/the-register
- source/The Register
- alias/CVE-2022-35803
- alias/CVE-2024-5276
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/tags
- collector/nvd-cve
- vendor/fortra
- canonical/fortra goanywhere managed file transfer
- canonical/fortra goanywhere mft