virus logo Endpoint Vulnerability

Fortra GoAnywhere MFT CVE-2023-0669 Code Injection Vulnerability

description-logoDescription

Fortra GoAnywhere MFT has a pre-authentication command injection flaw in the License Response Servlet caused by deserializing attacker-controlled objects, allowing arbitrary command execution.

description-logoOutbreak Alert

Fortra (formerly, knowns as HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet.

View the full Outbreak Alert Report

affected-products-logoAffected Applications

GoAnywhere MFT

Version Updates

Date Version Status Detail
2025-02-24 1.00822
Modified
 GoAnywhere MFT
2023-02-10 1.00396
New
 GoAnywhere MFT

References

https://www.goanywhere.com/products/goanywhere-mft
ID 4765
Created Feb 10, 2023
Description
Updated		 Jan 16, 2026
CVE ID
Tags GoAnywhere MFT RCE Threat Signal
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Fortra
Patch manual
Application GoAnywhere MFT