Fortra News Articles
Recent news articles refferecing the vendors vulnerabilities.
Fortra fixes critical FileCatalyst Workflow hardcoded password issue
Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges.
Help Net SecurityCVE-2024-6633Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) - Help Net Security
Orgs using Fortra's FileCatalyst Workflow are urged to upgrade to prevent attackers accessing an internal database via CVE-2024-6633.
Help Net SecurityCVE-2024-5276PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) - Help Net Security
A critical SQL injection Vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched, a PoC is already available online.
Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released
The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database.
CybersecurityNewsCVE-2024-25153PoC Published for Critical RCE Vulnerability in Fortra FileCatalyst
A proof of Concept (PoC) has been published for a critical RCE vulnerability identified in Fortra's FileCatalyst software.
Help Net SecurityCVE-2024-25153PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) - Help Net Security
Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published.
Fortra FileCatalyst RCE bug disclosed; full PoC exploit available
First patched in August, the critical vulnerability enables unauthenticated web shell deployment.
LRQA NettitudeCVE-2024-25153cve Archives - LRQA Nettitude Labs
CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst CVE-2024-25153, a critical Unsafe File Upload and Directory Traversal vulnerability in Fortra FileCatalyst, allows a remote unauthenticated...
WARNING: CRITICAL RCE VULNERABILITY IN FORTRA FILECATALYST WORKFLOW, PATCH IMMEDIATELY!
CVE-2024-25153 lies within the web portal component of FileCatalyst Workflow.
securityonline.infoCVE-2024-25153Fortra FileCatalyst Users Face Critical Risk: CVE-2024-25153 - RCE Flaw Exposed, PoC Published
Security researcher Tom Wedgbury has released a proof-of-concept (PoC) exploit, demonstrating how CVE-2024-25153 (CVSS 9.8) can be weaponized
LRQA NettitudeCVE-2024-25153CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst
Unsafe File Upload and Directory Traversal in Fortra FileCatalyst Workflow and Direct allow an unauthenticated attacker to gain RCE.
MalwarebytesCVE-2024-0204Patch now! Fortra GoAnywhere MFT vulnerability exploit available | Malwarebytes
A new vulnerability in Fortra GoAnywhere MFT now has exploit code available that allows an attacker to create a new admin user.
Duo SecurityCVE-2024-0204Exploit Code Released For Fortra GoAnywhere MFT Flaw
The flaw (CVE-2024-0204) could enable remote, unauthenticated attackers to bypass authentication in order to create new users.
Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT
PoC exploit code for flaw is publicly available, heightening breach risks for users of the managed file transfer technology.
CVE-2024-0204 Detection: Critical Vulnerability in Fortra GoAnywhere MFT Resulting in Authentication Bypass - SOC Prime
Detect CVE-2024-0204 exploitation attempts resulting in Fortra’s GoAnywherer MFT authentication bypass with Sigma rules in the SOC Prime Platform.
Help Net SecurityCVE-2024-0204PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204) - Help Net Security
PoC exploit code for a critical vulnerability (CVE-2024-0204) in Fortra's GoAnywhere MFT solution has been made public.
MediumCVE-2024-0204Zero-Day Alert: Fortra’s GoAnywhere MFT Compromised
A recent zero-day vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software has surfaced, posing a severe security risk. Identified as CVE-2024–0204, this vulnerability has sent a…
The StackCVE-2024-0204Exploit released for new Fortra GoAnywhere vulnerability
A exploit has been released for a authentication bypass vulnerability CVE-2024-0204 in Fortra GoAnywhere software that was widely attacked in...
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin
GoAnywhere users, listen up! Critical bug (CVE-2024-0204) lets anyone become admin. Update to 7.4.1 immediately.
securityonline.infoCVE-2024-0204CVE-2024-0204 (CVSS 9.8): Critical Authentication Bypass Flaw in GoAnywhere MFT
CVE-2024-0204 (CVSS 9.8), this flaw is described as an authentication bypass vulnerability in Fortra's GoAnywhere MFT before version 7.4.1
Rapid7CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT | Rapid7 Blog
On 1/22/24, Fortra published a security advisory on CVE-2024-0204, a critical authentication bypass affecting its GoAnywhere MFT secure managed file transfer product prior to version 7.4.1.
Exploit released for Fortra GoAnywhere MFT auth bypass bug
Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal.
Horizon3.aiCVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive – Horizon3.ai
CVE-2024-0204 Fortra GoAnywhere MFT Deep-Dive and Indicators of Compromise. This blog details the authentication bypass which allows an unauthenticated attacker to add an administrative user to the application.
Security BoulevardCVE-2024-0204CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive
On January 22, 2024 Fortra posted a security advisory for their GoAnywhere MFT product. This advisory details an authentication bypass vulnerability, CVE-2024-0204, that allows an unauthenticated attacker to create an The post CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive appe...
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.