CVE-2023-35708

GPTKB entity

Statements (20)
Predicate Object
gptkbp:instanceOf CVE Identifier
gptkbp:access No
gptkbp:affects gptkb:GoAnywhere_MFT
gptkbp:describes GoAnywhere MFT before 7.1.2 allows remote code execution via a pre-authentication command injection vulnerability.
gptkbp:discoveredBy gptkb:Horizon3.ai
gptkbp:exploitableRemotely Yes
gptkbp:fixes GoAnywhere MFT 7.1.2
gptkbp:hasCVSSScore 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
gptkbp:hasCWE gptkb:CWE-77
gptkbp:hasPatchAvailable Yes
gptkbp:hasSeverity High
gptkbp:hasType Remote Code Execution
Command Injection
https://www.w3.org/2000/01/rdf-schema#label CVE-2023-35708
gptkbp:publishedIn 2023-06-01
gptkbp:referencedIn https://www.horizon3.ai/goanywhere-mft-pre-auth-command-injection-cve-2023-35708/
https://nvd.nist.gov/vuln/detail/CVE-2023-35708
gptkbp:bfsParent gptkb:MOVEit
gptkbp:bfsLayer 6