CVE-2024-0204
Description
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Fortra
Severity: CRITICAL
CVE ID: CVE-2024-0204
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2024-0204
Refrence: Project Discovery GitHub
horizon3ai
Authentication Bypass in GoAnywhere MFT
Refrence: GitHub
cbeek-r7
Scanning for vulnerable GoAnywhere MFT CVE-2024-0204
Refrence: GitHub
m-cetin
This script exploits the CVE-2024-0204 vulnerability in Fortra GoAnywhere MFT, allowing the creation of unauthorized administrative users, for educational and authorized testing purposes.
Refrence: GitHub
adminlove520
GoAnywhere MFT
Refrence: GitHub
Content on GitHub
gobysec | watchers:678
GobyVuls
Vulnerabilities of Goby supported with exploitation.
Refrence: GitHub
gobysec | watchers:1337
Goby
Attack surface mapping
Refrence: GitHub