CVE-2025-10035 – Critical unauthenticated RCE in GoAnywhere MFT


On September 18, 2025, Fortra published an advisory for CVE-2025-10035. This new vulnerability affects GoAnywhere MFT, an enterprise managed file transfer solution, and allows an attacker to achieve unauthenticated remote code execution. GoAnywhere MFT is a file transfer solution that has been exploited in-the-wild in the past.

In 2023, CVE-2023-0669 was exploited in-the-wild as a zero-day, and that vulnerability is known to have been used by ransomware groups. Currently there is no known public exploit code available for the new vulnerability, CVE-2025-10035, and the vendor has not reported CVE-2025-10035 as having been exploited in-the-wild. However, given the nature and history of this product, this new vulnerability should be treated as a significant threat.

Read more…
Source: Rapid7


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Multiple Vulnerabilities in SonicOS

    January 8, 2025

    SonicWall has released a security advisory to address three high severity vulnerabilities and one medium severity vulnerability in SonicOS. SonicWall appliances are security appliances that provide virtual private network (VPN) and ‘next-gen’ firewall capabilities. Read more… Source: NHS Digital Sign up for our Newsletter Related:

  • Multiple Vulnerabilities in Redis

    January 7, 2025

    Two security advisories have been released to address two vulnerabilities in Redis. Redis is a popular in-memory key-value database that persists on disk. CVE-2024-46981 is a ‘use after free’ vulnerability with a CVSSv3 score of 7.0. If exploited, an authenticated attacker could use a specially crafted Lua script to achieve remote code execution. CVE-2024-51741 is an ...

  • What We Know About CVE-2024-49112 and CVE-2024-49113

    January 4, 2025

    In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score. This blog entry provides an overview of these two vulnerabilities and includes information that ...

  • Google Chrome extensions targeted by hackers to steal user passwords

    December 30, 2024

    Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack, exposing sensitive customer data like passwords and session tokens. In a statement, the data loss prevention company noted the attack showed signs of being part of a “wider campaign” to target other companies, too. The attack started as many others do ...

  • WhatsApp scores historic victory against NSO Group in long-running spyware hacking case

    December 23, 2024

    A U.S. judge has ruled that Israeli spyware maker NSO Group breached hacking laws by using WhatsApp to infect devices with its Pegasus spyware. In a historic ruling on Friday, a Northern California federal judge held NSO Group liable for targeting the devices of 1,400 WhatsApp users, violating state and federal hacking laws as well as ...

  • Cloud Atlas seen using a new tool in its attacks

    December 23, 2024

    Known since 2014, Cloud Atlas targets Eastern Europe and Central Asia. We’re shedding light on a previously undocumented toolset, which the group used heavily in 2024. Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code. When opened, the document downloads a ...