Fortra News Articles

Recent news articles refferecing the vendors vulnerabilities.

favicon imageBleepingComputer

Fortra fixes critical FileCatalyst Workflow hardcoded password issue

Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges.

2 months ago

favicon imageHelp Net Security

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) - Help Net Security

Orgs using Fortra's FileCatalyst Workflow are urged to upgrade to prevent attackers accessing an internal database via CVE-2024-6633.

2 months ago

favicon imageHelp Net Security

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) - Help Net Security

A critical SQL injection Vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched, a PoC is already available online.

4 months ago

favicon imageBleepingComputer

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database.

4 months ago

favicon imageCybersecurityNews

PoC Published for Critical RCE Vulnerability in Fortra FileCatalyst

A proof of Concept (PoC) has been published for a critical RCE vulnerability identified in Fortra's FileCatalyst software.

7 months ago

favicon imageHelp Net Security

PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) - Help Net Security

Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published.

7 months ago

favicon imageSC Media

Fortra FileCatalyst RCE bug disclosed; full PoC exploit available

First patched in August, the critical vulnerability enables unauthenticated web shell deployment.

7 months ago

favicon imageLRQA Nettitude

cve Archives - LRQA Nettitude Labs

CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst CVE-2024-25153, a critical Unsafe File Upload and Directory Traversal vulnerability in Fortra FileCatalyst, allows a remote unauthenticated...

7 months ago

favicon image| Cert

WARNING: CRITICAL RCE VULNERABILITY IN FORTRA FILECATALYST WORKFLOW, PATCH IMMEDIATELY!

CVE-2024-25153 lies within the web portal component of FileCatalyst Workflow.

8 months ago

favicon imagesecurityonline.info

Fortra FileCatalyst Users Face Critical Risk: CVE-2024-25153 - RCE Flaw Exposed, PoC Published

Security researcher Tom Wedgbury has released a proof-of-concept (PoC) exploit, demonstrating how CVE-2024-25153 (CVSS 9.8) can be weaponized

8 months ago

favicon imageLRQA Nettitude

CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst

Unsafe File Upload and Directory Traversal in Fortra FileCatalyst Workflow and Direct allow an unauthenticated attacker to gain RCE.

8 months ago

favicon imageMalwarebytes

Patch now! Fortra GoAnywhere MFT vulnerability exploit available | Malwarebytes

A new vulnerability in Fortra GoAnywhere MFT now has exploit code available that allows an attacker to create a new admin user.

9 months ago

favicon imageDuo Security

Exploit Code Released For Fortra GoAnywhere MFT Flaw

The flaw (CVE-2024-0204) could enable remote, unauthenticated attackers to bypass authentication in order to create new users.

9 months ago

favicon imageDark Reading

Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT

PoC exploit code for flaw is publicly available, heightening breach risks for users of the managed file transfer technology.

9 months ago

favicon imageThe Register

Latest GoAnywhere MFT bug is a must-patch as exploit emerges

Security experts are wasting no time in publishing working exploits for a critical vulnerability in Fortra GoAnywhere MFT, which was publicly disclosed just over a day ago. Customers were first advised by...

9 months ago

favicon imageSOC Prime

CVE-2024-0204 Detection: Critical Vulnerability in Fortra GoAnywhere MFT Resulting in Authentication Bypass - SOC Prime

Detect CVE-2024-0204 exploitation attempts resulting in Fortra’s GoAnywherer MFT authentication bypass with Sigma rules in the SOC Prime Platform.

9 months ago

favicon imageHelp Net Security

PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204) - Help Net Security

PoC exploit code for a critical vulnerability (CVE-2024-0204) in Fortra's GoAnywhere MFT solution has been made public.

9 months ago

favicon imageMedium

Zero-Day Alert: Fortra’s GoAnywhere MFT Compromised

A recent zero-day vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software has surfaced, posing a severe security risk. Identified as CVE-2024–0204, this vulnerability has sent a…

9 months ago

favicon imageThe Stack

Exploit released for new Fortra GoAnywhere vulnerability

A exploit has been released for a authentication bypass vulnerability CVE-2024-0204 in Fortra GoAnywhere software that was widely attacked in...

9 months ago

favicon imageThe Hacker News

Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin

GoAnywhere users, listen up! Critical bug (CVE-2024-0204) lets anyone become admin. Update to 7.4.1 immediately.

9 months ago

favicon imagesecurityonline.info

CVE-2024-0204 (CVSS 9.8): Critical Authentication Bypass Flaw in GoAnywhere MFT

CVE-2024-0204 (CVSS 9.8), this flaw is described as an authentication bypass vulnerability in Fortra's GoAnywhere MFT before version 7.4.1

9 months ago

favicon imageRapid7

CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT | Rapid7 Blog

On 1/22/24, Fortra published a security advisory on CVE-2024-0204, a critical authentication bypass affecting its GoAnywhere MFT secure managed file transfer product prior to version 7.4.1.

9 months ago

favicon imageBeeping Computers

Exploit released for Fortra GoAnywhere MFT auth bypass bug

Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal.

9 months ago

favicon imageHorizon3.ai

CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive – Horizon3.ai

CVE-2024-0204 Fortra GoAnywhere MFT Deep-Dive and Indicators of Compromise. This blog details the authentication bypass which allows an unauthenticated attacker to add an administrative user to the application.

9 months ago

favicon imageSecurity Boulevard

CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive

On January 22, 2024 Fortra posted a security advisory for their GoAnywhere MFT product. This advisory details an authentication bypass vulnerability, CVE-2024-0204, that allows an unauthenticated attacker to create an The post CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive appe...

9 months ago

favicon imageBeeping Computers

Fortra warns of new critical GoAnywhere MFT auth bypass, patch now

Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.

9 months ago