CVE-2026-6421

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

CVE-2019-25741 Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

CVE-2019-25741

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a terminal software developed by the French company Mobatek. It integrates an enhanced terminal, X servers, and Unix command sets GNU/Cygwin. Version 12.1 of Mobatek MobaXterm contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured...

PT-2026-46211

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

EUVD-2026-23374

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

CVE-2026-6421

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

CVE-2026-6421

CVE-2026-6421 affects Mobatek MobaXterm Home Edition up to 26.1. The issue lies in an unspecified part of msimg32.dll, enabling an uncontrolled search path when a low-privilege local attack occurs. Exploitation is described as local with high complexity; CVSS 3.1/7.0 (HIGH) and CVSS 4.0/7.3 (HIGH...

CVE-2026-6421 Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

CVE-2026-6421 Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

CVE-2026-6421

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

Mobatek MobaXterm 代码问题漏洞

Mobatek MobaXterm is a terminal software package developed by the French company Mobatek. It integrates an enhanced terminal, an X server, and a Unix command set GNU/Cygwin. Versions of Mobatek MobaXterm prior to version 26.1 contained code vulnerabilities. These vulnerabilities stemmed from...

EUVD-2019-17222

Malware in sbrugna...

Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a suite of terminal software from Mobatek France that integrates an enhanced terminal, an X server, and a Unix command set GNU/Cygwin. A security vulnerability exists in Mobatek MobaXterm versions prior to 25.0, which stems from the way the password storage IV is generated an...

Mobatek MobaXterm 10.4 (CVE-2017-15376)

The version of Mobatek MobaXterm installed on the remote host is 10.4. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-15376 advisory. - The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary...

Mobatek MobaXterm < 8.3 (CVE-2015-7244)

The version of Mobatek MobaXterm installed on the remote host is prior to 8.3. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-7244 advisory. - The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does n...

Mobatek MobaXterm 11.1 (CVE-2019-13475)

The version of Mobatek MobaXterm installed on the remote host is 11.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-13475 advisory. - In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute...

Mobatek MobaXterm = 9.4 (CVE-2017-6805)

The version of Mobatek MobaXterm installed on the remote host is 9.4. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-6805 advisory. - Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files...

Mobatek MobaXterm 11.1 / 12.1 (CVE-2019-16305)

The version of Mobatek MobaXterm installed on the remote host is 11.1 and 12.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-16305 advisory. - In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup...

Mobatek MobaXterm < 22.3 (CVE-2022-38337)

The version of Mobatek MobaXterm installed on the remote host is prior to 22.3. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-38337 advisory. - When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as...