COOEY // HUBcompliance · community · intelligence

FAIL › dossier

GoAnywhere MFT product

2
failure events
1
zero-days
2
RCEs
2
on KEV
2
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2023-02-10 CVE-2023-0669 critical ⚡RCE ◐0day ⌖KEV 95 Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.
2025-09-29 CVE-2025-10035 critical ⚡RCE ⌖KEV 85 Fortra GoAnywhere MFT suffered a deserialization vulnerability allowing command injection via forged license signatures, linked to ransomware.