Zero‑Day in GoAnywhere MFT Bypasses Firewalls, Lets Attackers Run Code

Researchers uncovered a critical zero‑day vulnerability in the GoAnywhere Managed File Transfer (MFT) appliance that allows unauthenticated attackers to execute arbitrary code on the server. The flaw bypasses traditional perimeter defenses—such as firewalls and intrusion‑prevention systems—by exploiting the MFT service itself, which is often permitted through the network to facilitate business file transfers. Once inside, threat actors can deploy web shells, steal credentials, and move laterally across the environment.

The exploit demonstrates that reliance on firewall‑centric security models leaves organizations exposed to compromised trusted services. Defenders must prioritize rapid patching of MFT platforms, implement deep‑packet inspection or application‑aware firewalls, and enforce strict network segmentation for file‑transfer nodes. Continuous monitoring for anomalous MFT activity and adopting a zero‑trust posture around privileged file‑transfer services are essential to mitigate similar attacks in the future.

Categories: Data Breaches, Vulnerabilities & Exploits

Source: Read original article