[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-25741":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":72,"aliases":87,"duplicate_of":9,"upstream":88,"downstream":89,"duplicates":90,"related":91,"reserved_at":9,"published_at":92,"modified_at":93,"state":94,"summary":95,"references_raw":101,"kevs":117,"epss":9,"epss_history":118,"metrics":119,"affected":131},"CVE-2019-25741","Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the vulnerability when imported and executed, enabling reverse shell execution with user privileges.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-120","Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.","weakness","Incomplete","Base","High",[20,24,28,32,36,40,44,48,52,56,60,64,68],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":33,"name":34,"techniques":35},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-42","MIME Conversion",[],{"id":41,"name":42,"techniques":43},"CAPEC-44","Overflow Binary Resource File",[],{"id":45,"name":46,"techniques":47},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":49,"name":50,"techniques":51},"CAPEC-46","Overflow Variables and Tags",[],{"id":53,"name":54,"techniques":55},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":57,"name":58,"techniques":59},"CAPEC-67","String Format Overflow in syslog()",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":69,"name":70,"techniques":71},"CAPEC-92","Forced Integer Overflow",[],[73],{"_key":74,"name":75,"source":76,"url":77,"maturity":78,"reliability_score":79,"verified":80,"type":81,"platforms":82,"requires_auth":9,"exploitdb":84,"metasploit":9},"47429","Mobatek MobaXterm 12.1 - Buffer Overflow (SEH)","exploit-database","https://www.exploit-db.com/exploits/47429","poc",0.5,false,"local",[83],"windows",{"verified":80,"type":81,"platform":83,"file":85,"codes":86},"exploits/windows/local/47429.py",[],[],[],[],[],[],"2026-06-04T13:22:45.443Z","2026-06-04T15:06:20.007Z","Deferred",{"cisa_kev":80,"cisa_ransomware":80,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":96,"severity_score":97,"severity_version":98,"severity_source":99,"severity_vector":100,"severity_status":94},"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[102,107,112],{"url":77,"sources":103,"tags":105},[99,104],"nvd",[106],"Exploit",{"url":108,"sources":109,"tags":110},"https://download.mobatek.net/1112019010310554/MobaXterm_Portable_v11.1.zip",[99,104],[111],"Product",{"url":113,"sources":114,"tags":115},"https://www.vulncheck.com/advisories/mobatek-mobaxterm-buffer-overflow-via-sessions-file",[99,104],[116],"Third Party Advisory",[],[],[120,127],{"source":99,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":121,"cvss_v4_0":124},{"baseScore":97,"baseSeverity":122,"vectorString":100,"impactScore":97,"exploitabilityScore":123},"CRITICAL",10,{"baseScore":125,"baseSeverity":122,"vectorString":126,"impactScore":9,"exploitabilityScore":9},9.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",{"source":104,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":128,"cvss_v4_0":129},{"baseScore":97,"baseSeverity":122,"vectorString":100,"impactScore":97,"exploitabilityScore":123},{"baseScore":125,"baseSeverity":122,"vectorString":130,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",[132],{"ecosystem":9,"name":133,"vendor":134,"product":135,"cpe_part":136,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":137},"Mobatek MobaXterm","mobatek","mobatek mobaxterm","a",[138],{"version":139,"is_range":80,"range_type":99,"version_start":139,"version_start_type":140,"version_end":139,"version_end_type":140,"fixed_in":9},"12.1","including"]