Mobatek Mobaxterm
5 CVEs affecting Mobatek Mobaxterm. Latest disclosed: 2026-03-09. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-15376 | Critical | 9.8 | 2017-10-16 | The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23. |
CVE-2026-25866 | High | 7.8 | 2026-03-09 | MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully… |
CVE-2025-0714 | Medium | 6.5 | 2025-02-17 | The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector (IV) consisting only of… |
CVE-2017-6805 | Medium | 5.3 | 2017-03-20 | Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a… |
CVE-2015-7244 | | 2015-11-04 | The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11… |