Clop Ransomware Group Exploits GoAnywhere MFT Flaw – Infosecurity Magazine

The ransomware gang known as Clop has been observed exploiting a pre-authentication command injection vulnerability (CVE-2023-0669) in Fortra’s file transfer solution GoAnywhere MFT.

The high-level vulnerability has a CVSS:3.1 score of 7.2 and was exploited against several companies in the US and elsewhere, according to a new advisory by security experts at CloudSEK.

The flaw derives from a deserialization bug that can be exploited by sending a post request to the endpoint. CloudSEK warned that a Metasploit module is also available to take advantage of the vulnerability.

“The exploit for this CVE was available a day before the patch (7.1.2) was released on February 7 2023. Many vulnerable admin panels of GoAnywhere were found to be indexed on Shodan [a search engine for Internet-connected devices] running on port 8000,” reads the technical write-up.

The company clarified that only the GoAnywhere administrative interface was vulnerable to the exploit used by the Clop ransomware group…

Read Full Story: https://news.google.com/rss/articles/CBMiRGh0dHBzOi8vd3d3LmluZm9zZWN1cml0eS1tYWdhemluZS5jb20vbmV3cy9jbG9wLXJhbnNvbXdhcmUtZXhwbG9pdHMv0gEA?oc=5

The post Clop Ransomware Group Exploits GoAnywhere MFT Flaw – Infosecurity Magazine first appeared on SEO, Marketing and Social News | OneSEOCompany.com.

source: https://news.oneseocompany.com/2023/03/29/clop-ransomware-group-exploits-goanywhere-mft-flaw-infosecurity-magazine_2023032942769.html

Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.