tags:javaenterprise_appauth_bypass original link: CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive newsletter link: exploits.club Weekly Newsletter 05
Exploits Club Summary:
The team at Horizon3.ai put out a technical deep dive into CVE-2024-0204. The post goes through the process of diffing the Java patch and identifying the auth bypass. They also dropped a PoC on their GitHub.