Keep in mind that the availability and accessibility of these papers might depend on your institution's subscriptions or open-access policies. You can also try searching for more recent papers and research works on academic databases.
This paper outlines the methodology and findings of a security assessment performed on HelpSystems (now Fortra) GoAnywhere MFT. Through a combination of static analysis of Java bytecode and dynamic validation, researchers identified a critical vulnerability allowing unauthenticated attackers to execute arbitrary code on the target server. The root cause was identified as the insecure deserialization of untrusted data within the OpenPGP resource functionality, utilizing the exploitation framework ysoserial . goanywhere static analysis
Static analysis (often referred to as Static Application Security Testing or SAST) involves examining code, configurations, or scripts without actually executing them. Keep in mind that the availability and accessibility