Skip to main content

Mobaxterm

10 CVEs product

Monthly

CVE-2026-25866 HIGH This Week

Local privilege escalation in MobaXterm before 26.1 allows authenticated users with file system write access to execute arbitrary code by DLL hijacking the Notepad++ launch process. When opening remote files, MobaXterm calls WinExec without a fully qualified path, enabling attackers to place malicious executables in the search path to achieve code execution in the victim user's context. EPSS score of 0.01% (2nd percentile) indicates low probability of imminent widespread exploitation, consistent with the local attack vector requiring pre-existing system access. No active exploitation confirmed in CISA KEV; public exploit code status unknown.

RCE Mobaxterm
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2022-38337 CRITICAL PATCH Act Now

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Denial Of Service Mobaxterm
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2022-38336 HIGH POC This Week

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Mobaxterm
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2021-28847 HIGH This Week

MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Mobaxterm
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2019-16305 HIGH POC This Week

In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Mobaxterm
NVD
CVSS 3.1
8.8
EPSS
6.7%
CVE-2019-13475 HIGH POC This Week

In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Mobaxterm
NVD
CVSS 3.0
8.8
EPSS
4.1%
CVE-2019-7690 CRITICAL POC Act Now

In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mobaxterm
NVD GitHub
CVSS 3.0
9.8
EPSS
3.2%
CVE-2017-15376 CRITICAL POC Act Now

The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Mobaxterm
NVD
CVSS 3.1
9.8
EPSS
4.4%
CVE-2017-6805 MEDIUM POC THREAT This Month

Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

Path Traversal Mobaxterm
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
16.9%
CVE-2015-7244 HIGH PATCH This Week

The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections, which allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Mobaxterm
NVD
CVSS 2.0
7.5
EPSS
4.4%
EPSS 0% CVSS 8.5
HIGH This Week

Local privilege escalation in MobaXterm before 26.1 allows authenticated users with file system write access to execute arbitrary code by DLL hijacking the Notepad++ launch process. When opening remote files, MobaXterm calls WinExec without a fully qualified path, enabling attackers to place malicious executables in the search path to achieve code execution in the victim user's context. EPSS score of 0.01% (2nd percentile) indicates low probability of imminent widespread exploitation, consistent with the local attack vector requiring pre-existing system access. No active exploitation confirmed in CISA KEV; public exploit code status unknown.

RCE Mobaxterm
NVD
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Denial Of Service Mobaxterm
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Mobaxterm
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Mobaxterm
NVD
EPSS 7% CVSS 8.8
HIGH POC This Week

In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Mobaxterm
NVD
EPSS 4% CVSS 8.8
HIGH POC This Week

In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Mobaxterm
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mobaxterm
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Mobaxterm
NVD
EPSS 17% CVSS 5.3
MEDIUM POC THREAT This Month

Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

Path Traversal Mobaxterm
NVD Exploit-DB
EPSS 4% CVSS 7.5
HIGH PATCH This Week

The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections, which allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Mobaxterm
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy