An access control issue in MobaXterm before v22.1 allows malicious users to make connections to the server via the SSH or SFTP protocols without authentication.
mobatek mobaxterm