Lucene search
+L

145 matches found

NVD
NVD
added 2024/10/31 7:15 p.m.22 views

CVE-2024-48200

An issue in MobaXterm v24.2 allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI is spawning one Administrative cmd conhost.exe...

8.4CVSS0.00184EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/31 12:0 a.m.8 views

Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a suite of terminal software from Mobatek France that integrates an enhanced terminal, an X server, and a Unix command set GNU/Cygwin. A security vulnerability exists in Mobatek MobaXterm version v24.2. An attacker can exploit the vulnerability to generate an administrative...

8.4CVSS7.4AI score0.00184EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/31 12:0 a.m.14 views

CVE-2024-48200

An issue in MobaXterm v24.2 allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI is spawning one Administrative cmd conhost.exe...

7.7AI score0.00184EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.8 views

PT-2024-33022 · Mobaxterm · Mobaxterm

Name of the Vulnerable Software and Affected Versions: MobaXterm version 24.2 Description: An issue in MobaXterm allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI, which spawns an Administrative cmd conhost.exe. This enables the...

8.4CVSS7.8AI score0.00184EPSS
Exploits0References6
CVE
CVE
added 2024/10/31 12:0 a.m.62 views

CVE-2024-48200

Summary of CVE-2024-48200 (MobaXterm v24.2) : A local privilege escalation and arbitrary code execution issue exists in the MobaXterm MSI remove function, which spawns an Administrative cmd (conhost.exe). This can allow an unprivileged local attacker to execute code with elevated privileges. The ...

8.4CVSS7.9AI score0.00184EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/31 12:0 a.m.18 views

CVE-2024-48200

An issue in MobaXterm v24.2 allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI is spawning one Administrative cmd conhost.exe...

0.00184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.21 views

Mobatek MobaXterm < 21.0 (CVE-2021-28847)

The version of Mobatek MobaXterm installed on the remote host is prior to 21.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-28847 advisory. - MobaXterm before 21.0 allows remote servers to cause a denial of service Windows GUI hang via tab title change requests tha...

7.5CVSS7.1AI score0.01427EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.30 views

Mobatek MobaXterm 11.1 (CVE-2019-13475)

The version of Mobatek MobaXterm installed on the remote host is 11.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-13475 advisory. - In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute...

8.8CVSS7.5AI score0.0411EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.14 views

Mobatek MobaXterm 10.4 (CVE-2017-15376)

The version of Mobatek MobaXterm installed on the remote host is 10.4. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-15376 advisory. - The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary...

10CVSS7.5AI score0.03804EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.21 views

Mobatek MobaXterm = 9.4 (CVE-2017-6805)

The version of Mobatek MobaXterm installed on the remote host is 9.4. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-6805 advisory. - Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files...

5.3CVSS6.2AI score0.07796EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.63 views

Mobatek MobaXterm < 22.2 (CVE-2022-38336)

The version of Mobatek MobaXterm installed on the remote host is prior to 22.2. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-38336 advisory. - An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP...

8.1CVSS7.2AI score0.00829EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.18 views

Mobatek MobaXterm 11.1 u3860 (CVE-2019-7690)

The version of Mobatek MobaXterm installed on the remote host is 11.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-7690 advisory. - In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for...

9.8CVSS7.3AI score0.03214EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.14 views

Mobatek MobaXterm 11.1 / 12.1 (CVE-2019-16305)

The version of Mobatek MobaXterm installed on the remote host is 11.1 and 12.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-16305 advisory. - In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup...

8.8CVSS7.4AI score0.06743EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.110 views

Mobatek MobaXterm < 22.3 (CVE-2022-38337)

The version of Mobatek MobaXterm installed on the remote host is prior to 22.3. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-38337 advisory. - When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as...

9.1CVSS7.2AI score0.00729EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.15 views

Mobatek MobaXterm < 8.3 (CVE-2015-7244)

The version of Mobatek MobaXterm installed on the remote host is prior to 8.3. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-7244 advisory. - The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does n...

7.5CVSS6AI score0.05049EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.7 views

Mobatek MobaXterm Installed (Windows)

Binary data mobatekmobaxtermwininstalled.nbin...

7.3AI score
Exploits0References1
OSV
OSV
added 2022/12/06 12:15 a.m.6 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...

9.1CVSS5.8AI score0.00729EPSS
Exploits0References2
NVD
NVD
added 2022/12/06 12:15 a.m.26 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...

9.1CVSS0.00729EPSS
Exploits0References2
OSV
OSV
added 2022/12/06 12:15 a.m.7 views

CVE-2022-38336

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication...

8.1CVSS5.8AI score0.00829EPSS
Exploits1References1
NVD
NVD
added 2022/12/06 12:15 a.m.32 views

CVE-2022-38336

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication...

8.1CVSS0.00829EPSS
Exploits1References1
Rows per page
Query Builder