GoAnywhere Managed File Transfer (MFT) Authentication Bypass Vulnerability (CVE-2024-0204)

Security researchers at Spark Engineering Consultants have discovered an authentication bypass vulnerability in GoAnywhere Managed File Transfer. Tracked as CVE-2024-0204, the vulnerability has a critical severity and a CVSS score of 9.8. The vulnerability allows an unauthorized user to create an admin user via the administration portal.