Fortra News Articles
Recent news articles refferecing the vendors vulnerabilities.
Fortra fixes critical FileCatalyst Workflow hardcoded password issue
Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges.
2 months ago
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) - Help Net Security
Orgs using Fortra's FileCatalyst Workflow are urged to upgrade to prevent attackers accessing an internal database via CVE-2024-6633.
2 months ago
PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) - Help Net Security
A critical SQL injection Vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched, a PoC is already available online.
4 months ago
Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released
The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database.
4 months ago
PoC Published for Critical RCE Vulnerability in Fortra FileCatalyst
A proof of Concept (PoC) has been published for a critical RCE vulnerability identified in Fortra's FileCatalyst software.
7 months ago
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) - Help Net Security
Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published.
7 months ago
Fortra FileCatalyst RCE bug disclosed; full PoC exploit available
First patched in August, the critical vulnerability enables unauthenticated web shell deployment.
7 months ago
cve Archives - LRQA Nettitude Labs
CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst CVE-2024-25153, a critical Unsafe File Upload and Directory Traversal vulnerability in Fortra FileCatalyst, allows a remote unauthenticated...
7 months ago
WARNING: CRITICAL RCE VULNERABILITY IN FORTRA FILECATALYST WORKFLOW, PATCH IMMEDIATELY!
CVE-2024-25153 lies within the web portal component of FileCatalyst Workflow.
8 months ago
Fortra FileCatalyst Users Face Critical Risk: CVE-2024-25153 - RCE Flaw Exposed, PoC Published
Security researcher Tom Wedgbury has released a proof-of-concept (PoC) exploit, demonstrating how CVE-2024-25153 (CVSS 9.8) can be weaponized
8 months ago
CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst
Unsafe File Upload and Directory Traversal in Fortra FileCatalyst Workflow and Direct allow an unauthenticated attacker to gain RCE.
8 months ago
Patch now! Fortra GoAnywhere MFT vulnerability exploit available | Malwarebytes
A new vulnerability in Fortra GoAnywhere MFT now has exploit code available that allows an attacker to create a new admin user.
9 months ago
Exploit Code Released For Fortra GoAnywhere MFT Flaw
The flaw (CVE-2024-0204) could enable remote, unauthenticated attackers to bypass authentication in order to create new users.
9 months ago
Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT
PoC exploit code for flaw is publicly available, heightening breach risks for users of the managed file transfer technology.
9 months ago
Latest GoAnywhere MFT bug is a must-patch as exploit emerges
Security experts are wasting no time in publishing working exploits for a critical vulnerability in Fortra GoAnywhere MFT, which was publicly disclosed just over a day ago. Customers were first advised by...
9 months ago
CVE-2024-0204 Detection: Critical Vulnerability in Fortra GoAnywhere MFT Resulting in Authentication Bypass - SOC Prime
Detect CVE-2024-0204 exploitation attempts resulting in Fortra’s GoAnywherer MFT authentication bypass with Sigma rules in the SOC Prime Platform.
9 months ago
PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204) - Help Net Security
PoC exploit code for a critical vulnerability (CVE-2024-0204) in Fortra's GoAnywhere MFT solution has been made public.
9 months ago
Zero-Day Alert: Fortra’s GoAnywhere MFT Compromised
A recent zero-day vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software has surfaced, posing a severe security risk. Identified as CVE-2024–0204, this vulnerability has sent a…
9 months ago
Exploit released for new Fortra GoAnywhere vulnerability
A exploit has been released for a authentication bypass vulnerability CVE-2024-0204 in Fortra GoAnywhere software that was widely attacked in...
9 months ago
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin
GoAnywhere users, listen up! Critical bug (CVE-2024-0204) lets anyone become admin. Update to 7.4.1 immediately.
9 months ago
CVE-2024-0204 (CVSS 9.8): Critical Authentication Bypass Flaw in GoAnywhere MFT
CVE-2024-0204 (CVSS 9.8), this flaw is described as an authentication bypass vulnerability in Fortra's GoAnywhere MFT before version 7.4.1
9 months ago
CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT | Rapid7 Blog
On 1/22/24, Fortra published a security advisory on CVE-2024-0204, a critical authentication bypass affecting its GoAnywhere MFT secure managed file transfer product prior to version 7.4.1.
9 months ago
Exploit released for Fortra GoAnywhere MFT auth bypass bug
Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal.
9 months ago
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive – Horizon3.ai
CVE-2024-0204 Fortra GoAnywhere MFT Deep-Dive and Indicators of Compromise. This blog details the authentication bypass which allows an unauthenticated attacker to add an administrative user to the application.
9 months ago
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive
On January 22, 2024 Fortra posted a security advisory for their GoAnywhere MFT product. This advisory details an authentication bypass vulnerability, CVE-2024-0204, that allows an unauthenticated attacker to create an The post CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive appe...
9 months ago
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.
9 months ago