![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwgF7QdFc-3uBWmZRklL-QNNCojhsOnPnaYJBqB0Kx8CFNte09Ogzs1sgdZBz5Kb7JPZ-IYNI1clCeG3p1zWtgPN3GQMnyurFq9S8QvS5-ZtYzvvjk8rkMpEsmPoXgYicoC8dA8da6k9KskK5fPvPJdfVAWfNnlsq5tlkCHKIpcT2W4e7MntvMf-0LJj5E/s1600/forta.jpg)
A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user.
Tracked as CVE-2024-0204, the issue carries a CVSS score of 9.8 out of 10.
“Authentication bypass in Fortra’s GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal,” Fortra&
Source:: The Hackers News