virus logo FortiClient Vulnerability

Mobatek MobaXterm CVE-2019-16305 Command Injection Vulnerability

description-logoDescription

In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup asking whether the user wants to run MobaXterm to handle the link. If accepted, another popup appears asking for further confirmation. If this is also accepted, command execution is achieved.

affected-products-logoAffected Applications

MobaXterm

CVE References

CVE-2019-16305

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16305
ID 4251
Created Feb 23, 2022
Description
Updated		 Oct 26, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Mobatek
Patch manual
Application MobaXterm