CVE-2025-10035

Beschreibung

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

Schweregrad: CRITICAL

CVSS-Score: 10