CVE-2025-10035 - Geek Feed

Maximum severity GoAnywhere MFT flaw exploited as zero day

September 30, 2025September 30, 2025 geekfeed0Tagged Actively Exploited, Command Injection, CVE-2025-10035, Fortra, GoAnywhere MFT, rce, Remote Command Execution

Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere MFT that allows injecting commands remotely without authentication. The vendor disclosed the flaw on September 18, buit the company had learned about it a week earlier, and did not share any details on how it was discovered or if it was being exploited. CVE-2025-10035 […]

2 mins read

Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet

September 23, 2025September 23, 2025 geekfeed0Tagged Command Injection, CVE-2025-10035, Deserialization, Fortra, GoAnywhere MFT, Managed File Transfer

Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT’s License Servlet that can be exploited in command injection attacks. GoAnywhere MFT is a web-based managed file transfer tool that helps organizations securely transfer files and maintain audit logs of who accesses the shared files. Tracked as CVE-2025-10035, this security flaw […]

3 mins read