Vulnerabilities > Mobatek > Mobaxterm > 21.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-06 | CVE-2022-38336 | Improper Authentication vulnerability in Mobatek Mobaxterm An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication. | 8.1 |
| 2022-12-06 | CVE-2022-38337 | Use of Hard-coded Credentials vulnerability in Mobatek Mobaxterm When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. | 9.1 |