PT-2021-17963 · Mobaxterm · Mobaxterm

Published

2021-06-03

Updated

2022-07-12

CVE-2021-28847

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: MobaXterm versions prior to 21.0

Description: The issue allows remote servers to cause a denial of service, resulting in a Windows GUI hang, via tab title change requests sent repeatedly at high speed. This leads to many SetWindowTextA or SetWindowTextW calls.

Recommendations: For versions prior to 21.0, update to version 21.0 or later to resolve the issue. As a temporary workaround, consider restricting the speed of tab title change requests from remote servers to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-28847

Affected Products

Mobaxterm

PT-2021-17963 · Mobaxterm · Mobaxterm

CVE-2021-28847

Related Identifiers

Affected Products

References · 5