Endpoint Vulnerability

Fortra GoAnywhere MFT CVE-2025-10035 Command Injection Vulnerability

Description

Deserialization vulnerability in Fortra GoAnywhere MFT's License Servlet allows an actor with a forged license signature to deserialize arbitrary objects, potentially enabling command injection.

Outbreak Alert

A critical deserialization vulnerability in GoAnywhere MFT’s License Servlet (CVSS 10.0) is actively being exploited in the wild. The flaw allows attackers with a forged license response signature to deserialize arbitrary objects, which can lead to command injection and remote code execution (RCE). FortiGuard telemetry shows sustained, high-volume exploitation attempts against GoAnywhere MFT instances.

View the full Outbreak Alert Report

Affected Applications

GoAnywhere MFT

Version Updates

Date	Version	Status	Detail
2025-09-29	1.00917	New	GoAnywhere MFT

References

https://www.fortra.com/security/advisory/fi-2025-012

ID	6245
Created	Apr 05, 2026
Description Updated	Apr 05, 2026
CVE ID
Tags	GoAnywhere MFT Attack
Risk
Coverage	FortiClient
OS	Windows
Vendor	Fortra
Patch	manual
Application	GoAnywhere MFT

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Endpoint Vulnerability

Fortra GoAnywhere MFT CVE-2025-10035 Command Injection Vulnerability

Description

Outbreak Alert

Affected Applications

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Endpoint Vulnerability

Fortra GoAnywhere MFT CVE-2025-10035 Command Injection Vulnerability

Description

Outbreak Alert

Affected Applications

Version Updates

References

Threat Intelligence
Center