Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2024-0204
Topic description: "Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. ..."
"Based on the [technical writeup](https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/) and [PoC](https://github.com/horizon3ai/CVE-2024-0204) from Horizion3, this vulnerability can be exploited by an unauthenticated attacker with access to the management interface of GoAnywhere MFT (by default the management interface is available over TCP port 8000 for HTTP and TCP port 8001 for HTTPS), to create a new administrator account on the system ..."
Link: https://www.attackerkb.com/assessments/eea1031a-9a25-482b-8a3f-df80e318f4d9
Topic description: "Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. ..."
"Based on the [technical writeup](https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/) and [PoC](https://github.com/horizon3ai/CVE-2024-0204) from Horizion3, this vulnerability can be exploited by an unauthenticated attacker with access to the management interface of GoAnywhere MFT (by default the management interface is available over TCP port 8000 for HTTP and TCP port 8001 for HTTPS), to create a new administrator account on the system ..."
Link: https://www.attackerkb.com/assessments/eea1031a-9a25-482b-8a3f-df80e318f4d9
0
0
0