March 23, 2023

A zero-day vulnerability in Fortra’s GoAnywhere MFT managed file transfer application is being actively exploited in the wild.

Brian Krebs detailed out first about the flaw . But no public advisory has been published by Fortra.

The vulnerability is a remote code injection that requires access to the administrative console of the application, making it imperative that the systems are not exposed to the public internet.

Advertisements

As per the researcher, there are over 1,000 on-premise instances that are publicly accessible over the internet.

GoAnywhere MFT customers to review all administrative users and monitor for unrecognized usernames, especially those created by the system. It’s also possible for threat actors to exploit reused, weak, or default credentials to obtain administrative access to the console.

There is no patch currently available for the zero-day vulnerability, although Fortra has released workarounds to remove the “License Response Servlet” configuration from the web.xml file.

Tags:

Leave a Reply

You may have missed

Google Cloud Armor Advanced DDoS Protection

Google Cloud Armor Advanced DDoS Protection

March 22, 2023
BreachForums Curtains Down

BreachForums Curtains Down

March 22, 2023
Google blocks Pinduoduo App amid Security Concerns

Google blocks Pinduoduo App amid Security Concerns

March 22, 2023
Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023
DotRunpeX – Malware Injector Spreads in Wild

DotRunpeX – Malware Injector Spreads in Wild

March 21, 2023
%d bloggers like this: