Vulnerabilidades em rustdesk-client
10 resultadosCVE-2026-30797CRITICALRustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled ServerEPSS 0.5%CVE-2026-30783MEDIUMRustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL PoliciesEPSS 0.4%CVE-2026-30793CRITICALRustDesk Flutter URI Handler Sets Permanent Password Without Privilege Check or User ConfirmationEPSS 0.3%CVE-2026-30798HIGHRustDesk Client Accepts Unauthenticated stop-service Command via Strategy PayloadEPSS 0.3%CVE-2026-30795HIGHRustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake FailureEPSS 0.3%CVE-2026-30789MEDIUMRustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-ForceEPSS 0.3%CVE-2026-30792HIGHRustDesk Client Blindly Merges Unauthenticated Strategy Payloads, Bypassing Local Security SettingsEPSS 0.3%CVE-2026-30796MEDIUMRustDesk Client Transmits Preset Address Book Password Verbatim in Heartbeat SyncEPSS 0.3%CVE-2026-30791HIGHRustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic ValidationEPSS 0.2%CVE-2026-30785HIGHRustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Poly1305)EPSS 0.1%