Security Advisory

CVE-2022-38337

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-05 00:00:00

Last updated 2025-04-24 14:34:43

Assigner mitre

State PUBLISHED

Description

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used.

← Browse all CVEs View on cve.org ↗