Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
https://www.darkreading.com/vulnerabilities-threats/medusa-ransomware-exploit-fortra-goanywhere-flaw
https://therecord.media/cisa-orders-federal-gov-patch-fortra-bug
https://www.theregister.com/2025/09/26/an_apts_playground_goanywhere_perfect10/
https://cyberscoop.com/goanywhere-vulnerability-active-exploitation-september-2025/
https://hackread.com/critical-cvss-10-flaw-goanywhere-file-transfer/
https://www.securityweek.com/fortra-patches-critical-goanywhere-mft-vulnerability/
https://www.helpnetsecurity.com/2025/09/22/fortra-goanywhere-vulnerability-cve-2025-10035/
https://www.theregister.com/2025/09/19/gortra_goanywhere_bug/
https://thehackernews.com/2025/09/fortra-releases-critical-patch-for-cvss.html
https://cyberscoop.com/goanywhere-file-transfer-service-vulnerability-september-2025/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-207a
https://blog.talosintelligence.com/common-ransomware-actor-ttps-playbooks/
https://research.checkpoint.com/2024/sharp-dragon-expands-towards-africa-and-the-caribbean/
https://www.tenable.com/blog/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-vulnerability
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-0669
https://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html
https://duo.com/decipher/fortra-patches-actively-exploited-zero-day-in-goanywhere-mft
https://attackerkb.com/topics/mg883Nbeva/cve-2023-0669/rapid7-analysis