cbcvebase.
CVE-2022-38336
published 2022-12-06

CVE-2022-38336: An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication.

PriorityP345high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
0.83%
52.9th percentile
An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication.

Affected

1 ranges
VendorProductVersion rangeFixed in
mobatekmobaxterm< 22.222.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.