GoAnywhere MFT vulnerability is incredibly easy to exploit. Another path traversal, 1998 style. Expect extortion.

Pretty credible the vendor didn’t tell people about the flaw clearly in December, ie allocate a CVE. Critical infrastructure runs this software. HT @simontsui

https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/