Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mobatek MobaXterm 信任管理问题漏洞
Vulnerability Description
Mobatek MobaXterm是法国Mobatek公司的一套集成了增强型终端、X服务器和Unix命令集(GNU/Cygwin)的终端软件。 Mobatek MobaXterm v22.1之前版本存在安全漏洞,该漏洞源于中止 SFTP 连接时,MobaXterm 会向服务器发送硬编码密码,服务器将此视为无效登录尝试,如果使用 fail2ban 等服务,可能会导致用户拒绝服务 (DoS)。
CVSS Information
N/A
Vulnerability Type
N/A