Hub WAF rule

More info

vpatch-CVE-2024-0204 WAF Rule

« GoAnywhere MFT - Authentication Bypass »
v0.1 by crowdsecurity
WAF rule

Detects authentication bypass in Fortra GoAnywhere MFT via path traversal to InitialAccountSetup.xhtml

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2024-0204

YAML Configuration

1## autogenerated on 2025-09-25 09:36:59
2name: crowdsecurity/vpatch-CVE-2024-0204
3description: 'Detects authentication bypass in Fortra GoAnywhere MFT via path traversal to InitialAccountSetup.xhtml'
4rules:
5  - and:
6      - zones:
7          - URI
8        transform:
9          - lowercase
10          - urldecode
11        match:
12          type: contains
13          value: '/goanywhere/images/..;'
14
15labels:
16  type: exploit
17  service: http
18  confidence: 3
19  spoofable: 0
20  behavior: 'http:exploit'
21  label: 'GoAnywhere MFT - Authentication Bypass'
22  classification:
23    - cve.CVE-2024-0204
24    - attack.T1190
25    - cwe.CWE-425
26

Hub WAF rule

« GoAnywhere MFT - Authentication Bypass »v0.1 by crowdsecurityWAF rule

« GoAnywhere MFT - Authentication Bypass »
v0.1 by crowdsecurity
WAF rule