Vulnerabilities > Mobatek > Mobaxterm > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-06 | CVE-2022-38336 | Improper Authentication vulnerability in Mobatek Mobaxterm An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication. | 8.1 |
| 2021-06-03 | CVE-2021-28847 | Unspecified vulnerability in Mobatek Mobaxterm MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. | 7.5 |
| 2019-09-14 | CVE-2019-16305 | Command Injection vulnerability in Mobatek Mobaxterm 11.1/12.1 In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. | 8.8 |
| 2019-07-09 | CVE-2019-13475 | Argument Injection or Modification vulnerability in Mobatek Mobaxterm 11.1 In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL. | 8.8 |