Vulnerabilities > Mobatek > Mobaxterm > 9.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-06 | CVE-2022-38336 | Improper Authentication vulnerability in Mobatek Mobaxterm An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication. | 8.1 |
| 2022-12-06 | CVE-2022-38337 | Use of Hard-coded Credentials vulnerability in Mobatek Mobaxterm When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. | 9.1 |
| 2021-06-03 | CVE-2021-28847 | Unspecified vulnerability in Mobatek Mobaxterm MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. | 7.5 |
| 2017-03-20 | CVE-2017-6805 | Path Traversal vulnerability in Mobatek Mobaxterm 9.4 Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. | 5.3 |