Tag: GoAnywhere MFT

Researchers from WatchTowr Labs have reported active exploitation of a critical vulnerability in Fortra’s GoAnywhere MFT file transfer management system. Tracked as CVE-2025-10035, the flaw stems from a deserialization bug in the License Servlet component, enabling unauthenticated command injection. Exploitation requires only a forged license response with a valid signature. Fortra notified its customers of…