Mobatek · Mobaxterm · CVE-2019-25741
**Name of the Vulnerable Software and Affected Versions**
Mobatek MobaXterm version 12.1
**Description**
A structured exception handling (SEH) based buffer overflow exists in the username field of session files. This allows remote attackers to execute arbitrary code by crafting a malicious sessions file containing overflow data. When this file is imported and executed, it can enable the execution of a reverse shell with user privileges.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.