Back to directory

WRITEUP #392

Broken access control in GoAnywhere Admin portal

Privilege EscalationBroken Access ControlPath traversalSecurity code review

byVu Chi Thanh

Program

Fortra (GoAnywhere)

Published

Mar 18, 2024

Added to HackDex

Jul 22, 2024

Read Full Writeuphttps://blog.viettelcybersecurity.com/authentication-bypass-in-goanywhere-admin-portal/

▸ RELATED WRITEUPS

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

Vestaboard: Exploring Broken Access Controls and Privilege Escalation

Privilege EscalationBroken Access Control

How I Earned $469 Bounty: Bypassing Plan Restriction

Privilege EscalationBroken Access Control

Oracle Retail Xstore Suite: Pre-authenticated Path Traversal

OtherPath traversal

Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)

RCEPath traversal

Built with ❤️ by Shubham Rawat