Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.
PoC: CVE-2025-10035
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.
PoC: Blackash-CVE-2025-10035
CVE-2025-10035
PoC: CVE-2025-10035_GoAnywhere
CVE-2025-10035_GoAnywhere Get RCE
PoC: CVE-2025-10035
Detection for CVE-2025-10035
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free