CVE-2019-25741— Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File
Possible ATT&CK Techniques 3AI
T1055 · Process Injection T1059 · Command and Scripting Interpreter T1203 · Exploitation for Client ExecutionAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mobatek | Mobatek MobaXterm | 12.1 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-25741
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File
Source: NVD (National Vulnerability Database)
Vulnerability Description
Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the vulnerability when imported and executed, enabling reverse shell execution with user privileges.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mobatek MobaXterm 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mobatek MobaXterm是法国Mobatek公司的一套集成了增强型终端、X服务器和Unix命令集(GNU/Cygwin)的终端软件。 Mobatek MobaXterm 12.1版本存在安全漏洞,该漏洞源于会话文件用户名字段中的结构化异常处理缓冲区溢出,可能导致远程攻击者执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Mobatek | Mobatek MobaXterm | 12.1 | - |
II. Public POCs for CVE-2019-25741
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-25741
请登录查看更多情报信息。
Vendor Advisories for CVE-2019-25741 (1)
Exploits & Public PoCs for CVE-2019-25741 (1)
Other References for CVE-2019-25741 (1)
IV. Related Vulnerabilities
Same vendor: Mobatek
- CVE-2026-11967
Arbitrary code execution in MobaXterm Personal Edition (Port - CVE-2026-11879
Arbitrary code execution in MobaXterm Personal Edition (Port - CVE-2026-6421
Mobatek MobaXterm Home Edition msimg32.dll uncontrolled sear - CVE-2026-25866
MobaXterm < 26.1 Notepad++ Unquoted Service Path - CVE-2025-0714
Insecure storage of sensitive information in MobaXTerm <25.0
Same weakness: CWE-120
- CVE-2026-43994
Coturn: Stack buffer overflow in decode_oauth_token_gcm() - CVE-2026-7300
Buffer Copy without Checking Size of Input ('Classic Buffer - CVE-2026-12192
GALAYOU Y4 Web Server buffer overflow - CVE-2026-11517
UTT HiPER 2610G formConfigDnsFilterGlobal strcpy buffer over - CVE-2026-11516
UTT HiPER 2610G formNatStaticMap strcpy buffer overflow
V. Comments for CVE-2019-25741
No comments yet