
Fortra Alerts Users to Severe GoAnywhere MFT License Servlet Security Bug

johny899

Hello all forum members, have you ever had a tool that you trusted and then discovered it had a significant issue? That is the case with Fortra's GoAnywhere MFT, a file transfer tool. Fortra quantitatively warned that there is a very serious flaw in the License Servlet called CVE-2025-10035. This flaw allows hackers to run malicious commands far beyond their access privileges.

What is wrong with it?

The flaw stems from how the tool handles bad data. Hackers can craft data that the system accepts that allows them to run commands.

What makes it so dangerous?

  • Hackers can attack you anywhere online.
  • It is easy to use.
  • The user doesn't have to do anything, nor does the user need to click anything, it just works for the attacker.
Scary?

Who has to worry?

If you have your GoAnywhere Admin Console open to the internet, you are in danger. Fortra said: if your console is exposed, then you are insecure.

They have already released patched versions, 7.8.4 and 7.6.3. If you cannot upgrade to the secure version of the software, at the very least, block the Admin Console from the public internet.

Why you should care

File transfer tools are attractive to hackers, because they are likely to contain sensitive files, contracts, paystubs and reports. If attackers gain access, they can potentially steal everything.



This is not new. Most recently, the Clop ransomware gang hacked over 310 companies after exploiting a GoAnywhere vulnerability. This can happen again, and will happen again.

What you should do:

If your organization uses GoAnywhere, here’s a simple to-do list:

1. Update to 7.8.4 or 7.6.3 immediately.
2. Disable public access to the Admin Console.
3. Ensure your system is not exposing unnecessary services online.
4. Stay informed, hackers can act quickly.

What I think:

I understand, updating can be annoying. I have delayed updates in the past too. But, in this case, there’s no time to be delayed. Shadowserver has already found that there are 470 GoAnywhere systems publicly exposed online. I am sure that hackers are already scanning for systems that are at risk.

Conclusion

This highlights one conclusion: you cannot "set and forget" security. Even trusted tools can quickly become risky.

If you use GoAnywhere MFT, either patch it, block it, or protect it before it's too late.
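An added example, not part of the original post and not Fortra's code: a small triage script that applies the to-do list above to an asset inventory, ranking hosts by patch state and Admin Console exposure. It assumes 7.6.3 is the fix for the 7.6.x line and that every other line must reach 7.8.4; the host names and inventory format are constructed for illustration.

```python
import re

# Fixed releases named in the post. Assumption: 7.6.3 fixes the 7.6.x line,
# and every other release line must reach 7.8.4.
FIXED_76 = (7, 6, 3)
FIXED_LATEST = (7, 8, 4)

def parse_version(text):
    """Return (major, minor, patch), or None if the string is not x.y.z."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\s*", text or "")
    return tuple(int(g) for g in m.groups()) if m else None

def is_patched(version):
    if version is None:
        return False  # unknown version: treat as unpatched until verified
    if version[:2] == (7, 6):
        return version >= FIXED_76
    return version >= FIXED_LATEST

def triage(inventory):
    """Return (priority, host, action) rows, most urgent first."""
    rows = []
    for host, version_text, console_public in inventory:
        patched = is_patched(parse_version(version_text))
        if not patched and console_public:
            rows.append((1, host, "block Admin Console from the internet, then upgrade"))
        elif not patched:
            rows.append((2, host, "upgrade to 7.8.4 or 7.6.3"))
        elif console_public:
            rows.append((3, host, "patched; remove public Admin Console access"))
        else:
            rows.append((4, host, "no action"))
    return sorted(rows)

# Constructed sample inventory:
# (host, reported version, Admin Console reachable from the internet)
SAMPLE = [
    ("mft-a.example.internal", "7.8.4", False),
    ("mft-b.example.internal", "7.6.2", True),
    ("mft-c.example.internal", "7.7.0", False),
    ("mft-d.example.internal", "7.6.3", True),
    ("mft-e.example.internal", "unknown", True),
]

if __name__ == "__main__":
    for priority, host, action in triage(SAMPLE):
        print(priority, host, action)
```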
 