CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass

Fortra just released a security bulletin detailing a new critical authentication bypass vulnerability in their GoAnywhere Managed File Transfer (MFT) solution. The vulnerability, CVE-2024-0204, allows a remote, unauthenticated user to create administrative users via the administration portal. Security researchers at Horizon3.ai published details on the vulnerability and its exploitation.

In early 2023, a high severity 0-day command injection vulnerability in the GoAnywhere MFT product, CVE-2023-0669, was leveraged by the Cl0p ransomware gang to compromise over 130 companies.

Affected Versions

Per the security bulletin, CVE-2024-0204 affects the following versions:

  • Fortra GoAnywhere MFT 6.x from 6.0.1
  • Fortra GoAnywhere MFT 7.x before 7.4.1

Remediation and Mitigation

Fortra recommends upgrading to version 7.4.1 or higher. If an upgrade is not feasible, a workaround is available. In non-container deployments, administrators can delete the InitialAccountSetup.xhtml file located in the install directory and then restart the services. For container-deployed instances, replace the InitialAccountSetup.xhtml file with an empty file and restart.
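The two facts an administrator needs from this bulletin are whether a given build falls in the affected ranges and whether the interim workaround has actually been applied on a host. The script below is an added example written for this post; it is not Fortra's or Horizon3.ai's code. It assumes version strings are plain dotted numerics (for example "7.4.0") and takes the GoAnywhere install directory as a caller-supplied path, since the bulletin names the file but not a fixed directory. The file names and directory contents it builds for the demonstration are constructed, not taken from a real install.

```python
"""Defender-side checks derived from the CVE-2024-0204 bulletin text.

Added example (not Fortra's or Horizon3.ai's code). Assumptions:
  - version strings are dotted numerics such as "7.4.0";
  - the install directory is supplied by the caller (the bulletin
    does not name a fixed path).
"""
import os
import tempfile

# File named in the bulletin's workaround
WORKAROUND_FILE = "InitialAccountSetup.xhtml"


def parse_version(version: str) -> tuple:
    """Turn '7.4.1' into (7, 4, 1); shorter strings are zero-padded to 3 parts."""
    parts = [int(p) for p in version.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version: str) -> bool:
    """Affected ranges from the bulletin: 6.x from 6.0.1, and 7.x before 7.4.1."""
    v = parse_version(version)
    if v[0] == 6:
        return v >= (6, 0, 1)
    if v[0] == 7:
        return v < (7, 4, 1)
    # Versions outside 6.x / 7.x are not listed as affected
    return False


def workaround_state(install_dir: str) -> str:
    """Classify InitialAccountSetup.xhtml under install_dir.

    'absent'  -> file deleted (the non-container workaround)
    'emptied' -> file replaced with an empty file (the container workaround)
    'present' -> original page still there; on an affected build this
                 means the workaround has NOT been applied
    """
    path = os.path.join(install_dir, WORKAROUND_FILE)
    if not os.path.exists(path):
        return "absent"
    if os.path.getsize(path) == 0:
        return "emptied"
    return "present"


def demo_states() -> dict:
    """Build three constructed install directories, one per state, and classify each."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        for state in ("absent", "emptied", "present"):
            d = os.path.join(root, state)
            os.mkdir(d)
            if state != "absent":
                with open(os.path.join(d, WORKAROUND_FILE), "w") as fh:
                    if state == "present":
                        # Constructed placeholder standing in for the real page
                        fh.write("<html>constructed placeholder page</html>")
            results[state] = workaround_state(d)
    return results


if __name__ == "__main__":
    for ver in ("6.0.0", "6.0.1", "6.8.0", "7.4.0", "7.4.1", "7.5.0"):
        print(ver, "affected" if is_affected(ver) else "not affected")
    print(demo_states())
```

Run it against a real host by calling `workaround_state()` with the actual install directory; `present` on a build where `is_affected()` is true is the condition to escalate, while `absent` and `emptied` correspond to the two workaround variants in the bulletin. Neither check replaces upgrading to 7.4.1 or later.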

DISCLAIMER

Kindly be advised that the information contained in this article is presented with no final evaluation and should be considered raw data. The sole purpose of this information is to provide situational awareness based on the currently available knowledge. We recommend exercising caution and conducting further research as necessary before making any decisions based on this information.