漏洞名称: GoAnywhere MFT 反序列化漏洞(CVE-2023-0669)
English Name:GoAnywhere MFT Deserialization Vulnerability (CVE-2023-0669)
CVSS core: 9.8
影响资产数:4399
漏洞描述:
GoAnywhere MFT is a solution for managing file transfer, which simplifies data exchange between systems, employees, customers and trading partners. It provides centralized control through extensive security settings, detailed audit trails, and helps to process information in files into XML, EDI, CSV, and JSON databases. There is a Java deserialization vulnerability in GoAnywhere MFT. An attacker can use this vulnerability to execute arbitrary code, execute commands on the server, enter memory horses, etc., and obtain server privileges.
漏洞影响:
There is a Java deserialization vulnerability in GoAnywhere MFT. An attacker can use this vulnerability to execute arbitrary code, execute commands on the server, enter memory horses, etc., and obtain server privileges.
FOFA查询语句(点击直接查看结果):
banner=“.goanywhere.com” || title=“GoAnywhere”