CVE-2023-0669

Published: 06/02/2023 Updated: 10/04/2023
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 0

Vulnerability Summary

Fortra (formerly HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.

Vulnerable Product

fortra goanywhere managed file transfer

Exploits

Goanywhere Encryption Helper version 711 suffers from a remote code execution vulnerability ...
This Metasploit module exploits an object deserialization vulnerability in Fortra GoAnywhere MFT ...
This module exploits CVE-2023-0669, which is an object deserialization vulnerability in Fortra GoAnywhere MFT ...

Metasploit Modules

Fortra GoAnywhere MFT Unsafe Deserialization RCE

This module exploits CVE-2023-0669, which is an object deserialization vulnerability in Fortra GoAnywhere MFT.

msf > use exploit/multi/http/fortra_goanywhere_rce_cve_2023_0669
msf exploit(fortra_goanywhere_rce_cve_2023_0669) > show targets
    ...targets...
msf exploit(fortra_goanywhere_rce_cve_2023_0669) > set TARGET <target-id>
msf exploit(fortra_goanywhere_rce_cve_2023_0669) > show options
    ...show and set options...
msf exploit(fortra_goanywhere_rce_cve_2023_0669) > exploit

Github Repositories

CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.

CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object Dork shodan title:"GoAnywhere" FOFA title="GoAnywhere" Use Java Version java -version ope

GoAnywhere MFT CVE-2023-0669 LicenseResponseServlet Deserialization Vulnerabilities Python RCE PoC (Proof of Concept)

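CVE-2023-0669 GoAnywhere MFT deserialization - Je Yiuwai's Blog CVE-2023-0669 CVE-2023-0669 is a GoAnywhere MFT deserialization vulnerability. Because an arbitrary attacker-controlled object is deserialized, a pre-authentication command injection vulnerability exists in the License Response Servlet. An attacker can exploit this vulnerability to execute arbitrary code on the affected system, resulting in the system being fully taken over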

CVE-2023-0669 GoAnywhere MFT command injection vulnerability

CVE-2023-0669 CVE-2023-0669 GoAnywhere MFT command injection vulnerability

CVE analysis for CVE-2023-0669

CVE-2023-0669 This Repo contains the packages and scripts used in this Analysis wwwvicariusio/vsociety/blog/unauthenticated-rce-in-goanywhere The vulnerable version of GoAnywhere for Linux wwwdropboxcom/s/j31l8lgvapbopy3/ga7_0_3_linux_x64sh?dl=0

EPSS (Exploit Prediction Scoring System) API client

EPSS API Client. EPSS (Exploit Prediction Scoring System) API client. EPSS is one of the famous vulnerability scores developed by FIRST (the Forum of Incident Response and Security Teams). EPSS's definition: The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exp

Recent Articles

MOVEit Vulnerabilities: What You Need to Know
Symantec Threat Intelligence Blog • Threat Hunter Team • 12 Jun 2024

Symantec products guard against exploitation of vulnerabilities that are being actively exploited by cyber-crime actors.

Posted: 12 Jun, 2023 | 3 Min Read | Threat Intelligence

Extortion actors have been actively exploiting a recently patched vulnerability in MOVEit Transfer, a file-transfer application that is widely used to transmit information between organizations. The nature of the ...

LockBit victims in the US alone paid over $90m in ransoms since 2020
The Register

As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections

Seven nations today issued an alert, plus protection tips, about LockBit, the prolific ransomware-as-a-service gang. The group's affiliates remain a global scourge, costing US victims alone more than $90 million from roughly 1,700 attacks since 2020, we're told. The joint security advisory — issued by the US Cybersecurity and Infrastructure Security Agency (CISA), FBI, Multi-State Information Sharing and Analysis Center (MS-ISAC), and cybersecurity authorities in Australia, Canada, the UK, Ge...