CVE-2019-13475

by Fred · 09/07/2019

In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL. Based on the available command-line arguments of the software, one can simply inject -exec to execute arbitrary commands. The additional arguments -hideterm and -exitwhendone in the payload make the attack less visible.

Date published : 2019-07-09

https://www.vulnerability-lab.com/get_content.php?id=2186

CVE-2019-13475

Similar

Recent Posts

Categories

CVE-2019-13475

Share this:

Similar

Recent Posts

Categories

Tags