Vulnerability in Mobatek Mobaxterm

CVE-2015-7244

The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections, which allows remote attackers to execute arbitrary commands or obta…

EPSS: 0.044 (89.2th percentile) — read the EPSS interpretation.

Affected products

Mobatek Mobaxterm
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

cret@cert.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cret@cert.org (x_refsource_MISC)
VU#316888 (x_refsource_CERT-VN, US Government Resource, Third Party Advisory, third-party-advisory)