CVE-2023-0669

ENISA EUVD: EUVD-2023-0644 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 20, 2026 12 articles Published: 2023-02-06

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.38%

probability

This CVE has a 94.38% probability of being exploited in the next 30 days.

0% Top 100.0th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.2

HIGH

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.

Affected Products

Fortra

Goanywhere MFT

fortra

goanywhere managed file transfer

Fortra

GoAnywhere MFT

0 ≤7.1.1

Fortra

GoAnywhere MFT

0 ≤7.1.1

Attack Intelligence

CWE-502 · Deserialization of Untrusted Data CWE-664 · Improper Control of a Resource Through its Lifetime CWE-913 · Improper Control of Dynamically-Managed Code Resources

Exploits & PoC

0xf4n9x/CVE-2023-0669

CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an

103 2024-04-16

Avento/CVE-2023-0669

GoAnywhere MFT CVE-2023-0669 LicenseResponseServlet Deserialization Vulnerabilities Python RCE PoC(Proof of Concept)

8 2023-07-07

yosef0x01/CVE-2023-0669-Analysis

CVE analysis for CVE-2023-0669

7 2023-03-12

cataliniovita/CVE-2023-0669

CVE-2023-0669 GoAnywhere MFT command injection vulnerability

0 2023-02-15

Griffin-01/CVE-2023-0669

0 2023-02-21

zakaria-laouani/cve-2023-0669-simulation

0 2025-12-24

6 repos — triés par ⭐ Rechercher sur GitHub ↗

https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml#zerodayfeb1

vendor-advisory

https://infosec.exchange/@briankrebs/109795710941843934

media-coverage

https://www.rapid7.com/blog/post/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/

third-party-advisory

https://attackerkb.com/topics/mg883Nbeva/cve-2023-0669/rapid7-analysis

third-party-advisory

https://github.com/rapid7/metasploit-framework/pull/17607

exploit

https://duo.com/decipher/fortra-patches-actively-exploited-zero-day-in-goanywhere-mft

media-coverage

Signal Intelligence

Confidenceⓘ

92%

EPSS 94.38%

CVSS v3.1 7.2

Mentions 12

Last Seen May 08, 2025

CNA Information

CNA Assigner

rapid7

CNA Title

Fortra GoAnywhere MFT License Response Servlet Command Injection

Analyst Note

CVE-2023-0669 is explicitly identified as a zero-day RCE vulnerability in Fortra's GoAnywhere MFT tool with active ransomware exploitation documented. TheHackerNews article directly states 'zero-day remote code execution (RCE) vulnerability' and 'active exploitation by ransomware actors,' confirming exploitation in the wild prior to or concurrent with patch availability.