Managed File Transfer

Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet

September 23, 2025September 23, 2025 geekfeed0Tagged Command Injection, CVE-2025-10035, Deserialization, Fortra, GoAnywhere MFT, Managed File Transfer

Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT’s License Servlet that can be exploited in command injection attacks. GoAnywhere MFT is a web-based managed file transfer tool that helps organizations securely transfer files and maintain audit logs of who accesses the shared files. Tracked as CVE-2025-10035, this security flaw […]

3 mins read

Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

July 22, 2025July 22, 2025 geekfeed0Tagged Actively Exploited, CrushFTP, CVE-2025-54309, File Transfer, Hijack, Managed File Transfer

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. The security vulnerability (CVE-2025-54309) is due to mishandled AS2 validation and impacts all CrushFTP versions below 10.8.5 and 11.3.4_23. The vendor tagged the flaw as actively exploited in the wild on July 19th, noting that […]

2 mins read