CVE-2024-0204

Description

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.

Fortra
Severity: CRITICAL
CVE ID: CVE-2024-0204
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2024-0204

Refrence: Project Discovery GitHub

horizon3ai

Authentication Bypass in GoAnywhere MFT

Refrence: GitHub

cbeek-r7

Scanning for vulnerable GoAnywhere MFT CVE-2024-0204

Refrence: GitHub

m-cetin

This script exploits the CVE-2024-0204 vulnerability in Fortra GoAnywhere MFT, allowing the creation of unauthorized administrative users, for educational and authorized testing purposes.

Refrence: GitHub

adminlove520

GoAnywhere MFT

Refrence: GitHub

Content on GitHub

gobysec | watchers:678

GobyVuls
Vulnerabilities of Goby supported with exploitation.

Refrence: GitHub

gobysec | watchers:1337

Goby
Attack surface mapping

Refrence: GitHub

Description​

Proof Of Concept​

Content on GitHub​

Description

Proof Of Concept

Content on GitHub