“Description and Rotten Reason of CVE-2025-10035-A new revelation in the goanywhere MFT solution of Fortra is a significant vulnerability-the same as the CVE-2023-0669, another important issue that was widely exploited by the Ransomware groups in 2023.” However, it is not clear that it is not clear that the current is not clear in the current centers. Gaya, it is safe to accept ransomware and other APT groups will be highly motivated to develop this new vulnerability feats. “
The new vulnerability was patched 5 days after being discovered on 13 September. Users are advised to update the Goanywear MFT version 7.8.4 and 7.6.3, depending on what release they are using.
Successful exploitation depends on the attackers, which has the ability to reach the GoanyWhere administrator console and sends a legitimately forged license response signs to separate an arbitrary actor-controlled object. Fortra recommends users not to expose the administrator console directly on the Internet.
