Zero-Day in GoAnywhere MFT Bypasses Firewalls, Gives Remote Code Execution

Researchers uncovered a critical zero‑day vulnerability in the GoAnywhere Managed File Transfer (MFT) license servlet. The flaw allowed unauthenticated attackers to inject and execute arbitrary code on the server, earning a perfect CVSS 10.0 rating. Exploits were observed in the wild, with threat actors leveraging the bug to gain full control of affected systems.

The vulnerability undermines the assumption that perimeter firewalls alone can block attacks against application‑level services. Compromised MFT servers can be used to harvest sensitive files, launch internal reconnaissance, or pivot to other critical assets. Defenders must treat MFT solutions as high‑value targets, enforce defense‑in‑depth measures, and apply vendor patches immediately.

Organizations should inventory all GoAnywhere deployments, enable web‑application firewalls or runtime application self‑protection, and monitor for anomalous servlet activity. Relying solely on network boundaries leaves a dangerous gap that modern attackers can exploit with ease.

Categories: Vulnerabilities & Exploits

Source: Read original article