Create GoAnywhere_MFT_InitialAccountSetup.xhtml_Bypass_Vulnerability_(CVE-2024-0204).md

2025-06-20 01:40:20 +00:00 · 2024-01-24 19:15:27 +08:00 · 2024-01-24 19:15:27 +08:00 · 7cb33f9efe
commit 7cb33f9efe
parent d1ff7aadde
1 changed files with 13 additions and 0 deletions
--- a/GoAnywhere_MFT_InitialAccountSetup.xhtml_Bypass_Vulnerability_(CVE-2024-0204).md
+++ b/GoAnywhere_MFT_InitialAccountSetup.xhtml_Bypass_Vulnerability_(CVE-2024-0204).md
@ -0,0 +1,13 @@
+
+## 	GoAnywhere MFT InitialAccountSetup.xhtml Bypass Vulnerability (CVE-2024-0204)
+
+|   **Vulnerability**  | 	GoAnywhere MFT InitialAccountSetup.xhtml Bypass Vulnerability (CVE-2024-0204)  |
+| :----:   | :-----|
+|  **Chinese name**  | 		GoAnywhere MFT InitialAccountSetup.xhtml 绕过漏洞（CVE-2024-0204） |
+| **CVSS core**  | 	9.8 |
+| **FOFA Query**  (click to view the results directly)| [app="GoAnywhere-MFT"](https://en.fofa.info/result?qbase64=dGl0bGU9IkdvQW55d2hlcmUiIHx8IGhlYWRlcj0iL2dvYW55d2hlcmUiIHx8IGJhbm5lcj0iL2dvYW55d2hlcmUi)|
+| **Number of assets affected**  | 		4468 |
+| **Description**  | 	GoAnywhere MFT (Managed File Transfer) is an enterprise-class file transfer solution provided by HelpSystems, designed to meet the needs of organizations for secure, manageable and automated file transfer.Authentication bypass vulnerability in GoAnywhere MFT before Fortra version 7.4.1. Allows unauthorized users to pretend to be administrators through the management portal, create arbitrary management users, and take over the entire system. |
+| **Impact** | 	Authentication bypass vulnerability in GoAnywhere MFT before Fortra version 7.4.1. Allows unauthorized users to pretend to be administrators through the management portal, create arbitrary management users, and take over the entire system. |
+
+![](https://s3.bmp.ovh/imgs/2024/01/24/fed22927c8fb9a5f.gif).