A path traversal vulnerability exists within GoAnywhere MFT prior to 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
helpsystems goanywhere managed file transfer |