CVE-2024-0204 PoC — Fortra GoAnywhere MFT 安全漏洞

Source

https://github.com/adminlove520/CVE-2024-0204

Associated Vulnerability

Title:Fortra GoAnywhere MFT 安全漏洞 (CVE-2024-0204)
Description:Fortra GoAnywhere MFT是美国Fortra公司的一种安全的文件传输解决方案。 Fortra GoAnywhere MFT 7.4.1之前版本存在安全漏洞。攻击者利用该漏洞绕过身份验证，从而通过管理门户创建管理员用户。

Description

GoAnywhere MFT

Readme

# CVE-2024-0204: Authentication Bypass in GoAnywhere MFT
Script to create a new admin user in GoAnywhere MFT.


## Usage
Password must be at least 8 characters long to meet GoAnywhere MFT complexity requirements.

```
% python3 CVE-2024-0204.py -h
usage: CVE-2024-0204 GoAnywhere Authentication Bypass [-h]
                                                      endpoint username
                                                      password

positional arguments:
  endpoint    The endpoint URL (e.g., http://127.0.0.1:8080)
  username    New admin username
  password    New admin password

optional arguments:
  -h, --help  show this help message and exit
```

File Snapshot


 [4.0K]  /data/pocs/344455772ae5820c110f089c60101863af076894
├── [2.0K]  CVE-2024-0204.py
└── [ 662]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!