CVE-2023-0669CISA KEVEPSS p100.0%

CVE-2023-0669CVE-2023-0669

fortra / goanywhere_managed_file_transfer

Description

Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.

Scoring

CVSS 7.2 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS100.00% probability of exploitation · percentile 100.0% · 2026-06-15T12:03:41Z
Last modified2026-06-17

CISA KEV entry

Added to KEV: 2023-02-10

(incoming)1

TypeTargetConfidenceTier
KEVEntryFortra GoAnywhere MFT Remote Code Execution Vulnerabilitykev-cve-2023-06690%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability
CVE
Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability
CVE
Fortinet FortiClient EMS Improper Access Control Vulnerability
CVE
CVE-2025-8450
CVE
ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability
CVE
Fortinet Multiple Products Format String Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.