Unrated severityNVD Advisory· Published Jul 9, 2019· Updated Aug 4, 2024
CVE-2019-13475
CVE-2019-13475
Description
In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL. Based on the available command-line arguments of the software, one can simply inject -exec to execute arbitrary commands. The additional arguments -hideterm and -exitwhendone in the payload make the attack less visible.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MobaXterm/MobaXtermdescription
Patches
Vulnerability mechanics
References
1- www.vulnerability-lab.com/get_content.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.