Fortra.GoAnywhere.MFT.LicenseResponseServlet.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection vulnerability in GoAnywhere MFT.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An unauthenticated remote attacker may be able to exploit this to execute arbitrary commands within the context of the application.
Outbreak Alert
Fortra (formerly, knowns as HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet.
Affected Products
GoAnywhere MFT v7.1.1 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's advisory for updates.
https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/GoAnywhere/GAMFT.htm
Version Updates
Date | Version | Detail |
---|---|---|
2023-05-16 | 0.00348 |