GoAnywhere
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-0049 | 0.00 | — | 0.00 | Apr 28, 2025 | When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0. | |||
| CVE-2024-25157 | 0.00 | — | 0.01 | Aug 14, 2024 | An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification. | |||
| CVE-2021-46830 | 0.00 | — | 0.01 | Jul 27, 2022 | A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain… |
- CVE-2025-0049Apr 28, 2025risk 0.00cvss —epss 0.00
When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0.
- CVE-2024-25157Aug 14, 2024risk 0.00cvss —epss 0.01
An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.
- CVE-2021-46830Jul 27, 2022risk 0.00cvss —epss 0.01
A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain…