Search

Find a vulnerability

Search criteria

    24 vulnerabilities found for RustDesk Client by rustdesk-client

    CVE-2026-30798 (GCVE-0-2026-30798)

    Vulnerability from nvd – Published: 2026-03-05 15:38 – Updated: 2026-06-22 13:17
    VLAI
    Title
    RustDesk Client Accepts Unauthenticated stop-service Command via Strategy Payload
    Summary
    Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop. This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    • CWE-755 - Improper Handling of Exceptional Conditions
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30798",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:32:18.919197Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:32:22.806Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Heartbeat sync loop",
                "strategy processing"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "stop-service handler in heartbeat loop"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Client connected to API server (or re-homed via rustdesk://config)"
                }
              ],
              "value": "Client connected to API server (or re-homed via rustdesk://config)"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation.\u003cp\u003e This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.8.\u003c/p\u003e"
                }
              ],
              "value": "Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation.\n\n This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop.\n\n\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available.\u003cbr\u003e"
                }
              ],
              "value": "PoC available."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-272",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-272 Protocol Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345 Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-755",
                  "description": "CWE-755 Improper Handling of Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:17:58.024Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Remove remote kill logic, or require time-limited signed payloads"
                }
              ],
              "value": "Remove remote kill logic, or require time-limited signed payloads"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Accepts Unauthenticated stop-service Command via Strategy Payload",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "None effective"
                }
              ],
              "value": "None effective"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30798",
        "datePublished": "2026-03-05T15:38:49.156Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:17:58.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30797 (GCVE-0-2026-30797)

    Vulnerability from nvd – Published: 2026-03-05 15:35 – Updated: 2026-03-17 14:31
    VLAI
    Title
    RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server
    Summary
    Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files flutter/lib/common.Dart and program routines importConfig() via URI handler. This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30797",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:31:54.962148Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:31:59.164Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Flutter URI scheme handler",
                "config import"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "flutter/lib/common.dart"
              ],
              "programRoutines": [
                {
                  "name": "importConfig() via URI handler"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
                }
              ],
              "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eflutter/lib/common.Dart\u003c/tt\u003e and program routines \u003ctt\u003eimportConfig() via URI handler\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files flutter/lib/common.Dart and program routines importConfig() via URI handler.\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-384",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-384 Application API Message Manipulation via Man-in-the-Middle"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862 Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-749",
                  "description": "CWE-749",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:53:48.123Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Require admin elevation and user confirmation. Add config to disable. Sign config payloads."
                }
              ],
              "value": "Require admin elevation and user confirmation. Add config to disable. Sign config payloads."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unregister the \u003ccode\u003erustdesk://\u003c/code\u003e URI scheme handler at OS level"
                }
              ],
              "value": "Unregister the rustdesk:// URI scheme handler at OS level"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30797",
        "datePublished": "2026-03-05T15:35:08.889Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-17T14:31:59.164Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30796 (GCVE-0-2026-30796)

    Vulnerability from nvd – Published: 2026-03-05 15:30 – Updated: 2026-06-22 13:17
    VLAI
    Title
    RustDesk Client Transmits Preset Address Book Password Verbatim in Heartbeat Sync
    Summary
    Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks. The client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the automatic invalid-certificate TLS downgrade (CVE-2026-30794) or a re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book. This vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password). This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30796",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:31:35.721954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:31:39.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Address book sync",
                "Heartbeat sync loop"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "heartbeat sync body builder (emits preset-address-book-password verbatim)"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "Server Pro",
                      "status": "affected"
                    }
                  ],
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Client with a preset address book password configured"
                }
              ],
              "value": "Client with a preset address book password configured"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks.\u003cbr\u003e\u003cbr\u003eThe client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the automatic invalid-certificate TLS downgrade (CVE-2026-30794) or a re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book.\u003cbr\u003e\u003cbr\u003eThis vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password).\u003cbr\u003e\u003cbr\u003eThis issue affects RustDesk Client: through 1.4.8."
                }
              ],
              "value": "Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks.\n\nThe client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the automatic invalid-certificate TLS downgrade (CVE-2026-30794) or a re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book.\n\nThis vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password).\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-157",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-157 Sniffing Attacks"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:17:31.551Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Transition Address Book API to SRP (Secure Remote Password)"
                }
              ],
              "value": "Transition Address Book API to SRP (Secure Remote Password)"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Transmits Preset Address Book Password Verbatim in Heartbeat Sync",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Avoid setting address book passwords; use account-based access only"
                }
              ],
              "value": "Avoid setting address book passwords; use account-based access only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30796",
        "datePublished": "2026-03-05T15:30:39.605Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:17:31.551Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30795 (GCVE-0-2026-30795)

    Vulnerability from nvd – Published: 2026-03-05 15:27 – Updated: 2026-03-17 14:31
    VLAI
    Title
    RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake Failure
    Summary
    Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines Heartbeat JSON payload construction (preset-address-book-password). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    URL Tags
    https://github.com/rustdesk/rustdesk product
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30795",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:31:11.597938Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:31:15.664Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Heartbeat sync loop"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "Heartbeat JSON payload construction (preset-address-book-password)"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Pro server with address book password configured"
                }
              ],
              "value": "Pro server with address book password configured"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003esrc/hbbs_http/sync.Rs\u003c/tt\u003e and program routines \u003ctt\u003eHeartbeat JSON payload construction (preset-address-book-password)\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines Heartbeat JSON payload construction (preset-address-book-password).\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-157",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-157 Sniffing Attacks"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:49:01.779Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/rustdesk/rustdesk"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Hash or encrypt the credential before transmission. Transition to SRP."
                }
              ],
              "value": "Hash or encrypt the credential before transmission. Transition to SRP."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake Failure",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Avoid setting address book passwords; use account-based access only"
                }
              ],
              "value": "Avoid setting address book passwords; use account-based access only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30795",
        "datePublished": "2026-03-05T15:27:16.596Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-17T14:31:15.664Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30794 (GCVE-0-2026-30794)

    Vulnerability from nvd – Published: 2026-03-05 15:24 – Updated: 2026-06-22 13:07
    VLAI

    This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

    Show details on NVD website

    {
      "containers": {
        "cna": {
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:07:16.269Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "rejectedReasons": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
                }
              ],
              "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30794",
        "datePublished": "2026-03-05T15:24:34.784Z",
        "dateRejected": "2026-06-22T13:07:16.269Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:07:16.269Z",
        "state": "REJECTED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30793 (GCVE-0-2026-30793)

    Vulnerability from nvd – Published: 2026-03-05 15:21 – Updated: 2026-03-17 14:30
    VLAI
    Title
    RustDesk Flutter URI Handler Sets Permanent Password Without Privilege Check or User Confirmation
    Summary
    Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart, src/flutter_ffi.Rs and program routines URI handler for rustdesk://password/, bind.MainSetPermanentPassword(). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30793",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:30:47.078828Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:30:50.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Flutter URI scheme handler",
                "FFI bridge"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "flutter/lib/common.dart",
                "src/flutter_ffi.rs"
              ],
              "programRoutines": [
                {
                  "name": "URI handler for rustdesk://password/"
                },
                {
                  "name": "bind.mainSetPermanentPassword()"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
                }
              ],
              "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eflutter/lib/common.Dart\u003c/tt\u003e, \u003ctt\u003esrc/flutter_ffi.Rs\u003c/tt\u003e and program routines \u003ctt\u003eURI handler for rustdesk://password/\u003c/tt\u003e, \u003ctt\u003ebind.MainSetPermanentPassword()\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart, src/flutter_ffi.Rs and program routines URI handler for rustdesk://password/, bind.MainSetPermanentPassword().\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:44:10.703Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/rustdesk/rustdesk"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/rustdesk/hbb_common"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Synchronize privilege logic between CLI and GUI. Require user confirmation. Add config to disable."
                }
              ],
              "value": "Synchronize privilege logic between CLI and GUI. Require user confirmation. Add config to disable."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Flutter URI Handler Sets Permanent Password Without Privilege Check or User Confirmation",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unregister the \u003ccode\u003erustdesk://\u003c/code\u003e URI scheme handler at OS level"
                }
              ],
              "value": "Unregister the rustdesk:// URI scheme handler at OS level"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30793",
        "datePublished": "2026-03-05T15:21:03.405Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-17T14:30:50.566Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30792 (GCVE-0-2026-30792)

    Vulnerability from nvd – Published: 2026-03-05 15:14 – Updated: 2026-06-22 13:17
    VLAI
    Title
    RustDesk Client Blindly Merges Unauthenticated Strategy Payloads, Bypassing Local Security Settings
    Summary
    A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options(). This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/self-host/client-con… technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30792",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T10:24:56.279793Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T10:25:16.901Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Strategy sync",
                "HTTP API client",
                "config options engine"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android",
                "WebClient"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs",
                "hbb_common/src/config.rs"
              ],
              "programRoutines": [
                {
                  "name": "Strategy merge loop in sync.rs"
                },
                {
                  "name": "Config::set_options()"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Client connected to any API server (Pro). MiTM or re-homing can also trigger."
                }
              ],
              "value": "Client connected to any API server (Pro). MiTM or re-homing can also trigger."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:webclient:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle.\u003cp\u003e This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options().\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.8.\u003c/p\u003e"
                }
              ],
              "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle.\n\n This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options().\n\n\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-384",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-384 Application API Message Manipulation via Man-in-the-Middle"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345 Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:17:04.057Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/self-host/client-configuration/advanced-settings/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Enforce runtime toggle checks. Implement payload signing with server private key."
                }
              ],
              "value": "Enforce runtime toggle checks. Implement payload signing with server private key."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Blindly Merges Unauthenticated Strategy Payloads, Bypassing Local Security Settings",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "None effective \u2014 \u003ccode\u003eallow-remote-config-modification\u003c/code\u003e toggle is ignored"
                }
              ],
              "value": "None effective \u2014 allow-remote-config-modification toggle is ignored"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30792",
        "datePublished": "2026-03-05T15:14:43.719Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:17:04.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30790 (GCVE-0-2026-30790)

    Vulnerability from nvd – Published: 2026-03-05 15:49 – Updated: 2026-06-22 13:06
    VLAI

    This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

    Show details on NVD website

    {
      "containers": {
        "cna": {
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:06:15.128Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "rejectedReasons": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
                }
              ],
              "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30790",
        "datePublished": "2026-03-05T15:49:15.539Z",
        "dateRejected": "2026-06-22T13:06:15.128Z",
        "dateReserved": "2026-03-05T14:13:37.202Z",
        "dateUpdated": "2026-06-22T13:06:15.128Z",
        "state": "REJECTED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30789 (GCVE-0-2026-30789)

    Vulnerability from nvd – Published: 2026-03-05 15:41 – Updated: 2026-06-22 13:16
    VLAI
    Title
    RustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-Force
    Summary
    Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing. The authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery. This vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction). This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-916 - Use of Password Hash With Insufficient Computational Effort
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30789",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:32:41.844771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:32:45.784Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Client login",
                "peer authentication"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/client.rs"
              ],
              "programRoutines": [
                {
                  "name": "handle_hash()"
                },
                {
                  "name": "handle_login_from_ui() (login proof construction)"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any password-based authentication"
                }
              ],
              "value": "Default \u2014 any password-based authentication"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing.\u003cbr\u003e\u003cbr\u003eThe authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery.\u003cbr\u003e\u003cbr\u003eThis vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction).\u003cbr\u003e\u003cbr\u003eThis issue affects RustDesk Client: through 1.4.8."
                }
              ],
              "value": "Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing.\n\nThe authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery.\n\nThis vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction).\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available.\u003cbr\u003e"
                }
              ],
              "value": "PoC available."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-49",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-49 Password Brute Forcing"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-916",
                  "description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:16:30.794Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Add a client-side nonce to the auth proof and use a slow KDF (e.g., Argon2id). Transition to SRP."
                }
              ],
              "value": "Add a client-side nonce to the auth proof and use a slow KDF (e.g., Argon2id). Transition to SRP."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-Force",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use long (16+ char) random passwords. Enable 2FA where available."
                }
              ],
              "value": "Use long (16+ char) random passwords. Enable 2FA where available."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30789",
        "datePublished": "2026-03-05T15:41:51.417Z",
        "dateReserved": "2026-03-05T14:13:37.202Z",
        "dateUpdated": "2026-06-22T13:16:30.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30785 (GCVE-0-2026-30785)

    Vulnerability from nvd – Published: 2026-03-05 16:04 – Updated: 2026-03-06 10:32
    VLAI
    Title
    RustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Poly1305)
    Summary
    Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.Rs, hbb_common/src/config.Rs, hbb_common/src/lib.Rs (get_uuid), machine-uid/src/lib.Rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id(). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-257
    • CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
    • CWE-323
    • CWE-916 - Use of Password Hash With Insufficient Computational Effort
    Assigner
    References
    URL Tags
    https://github.com/rustdesk/rustdesk/discussions/9229 technical-descriptionx_--config documentation
    https://github.com/rustdesk/rustdesk/discussions/4979 technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30785",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T10:32:18.593322Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T10:32:38.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Password security module",
                "config encryption",
                "machine UID"
              ],
              "packageName": "rustdesk, hbb_common",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "hbb_common/src/password_security.rs",
                "hbb_common/src/config.rs",
                "hbb_common/src/lib.rs (get_uuid)",
                "machine-uid/src/lib.rs"
              ],
              "programRoutines": [
                {
                  "name": "symmetric_crypt()"
                },
                {
                  "name": "encrypt_str_or_original()"
                },
                {
                  "name": "decrypt_str_or_original()"
                },
                {
                  "name": "get_uuid()"
                },
                {
                  "name": "get_machine_id()"
                }
              ],
              "repo": "https://github.com/rustdesk/hbb_common,https://github.com/rustdesk-org/machine-uid",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any desktop installation with permanent password or saved peers"
                }
              ],
              "value": "Default \u2014 any desktop installation with permanent password or saved peers"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003ehbb_common/src/password_security.Rs\u003c/tt\u003e, \u003ctt\u003ehbb_common/src/config.Rs\u003c/tt\u003e, \u003ctt\u003ehbb_common/src/lib.Rs (get_uuid)\u003c/tt\u003e, \u003ctt\u003emachine-uid/src/lib.Rs\u003c/tt\u003e and program routines \u003ctt\u003esymmetric_crypt()\u003c/tt\u003e, \u003ctt\u003eencrypt_str_or_original()\u003c/tt\u003e, \u003ctt\u003edecrypt_str_or_original()\u003c/tt\u003e, \u003ctt\u003eget_uuid()\u003c/tt\u003e, \u003ctt\u003eget_machine_id()\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.Rs, hbb_common/src/config.Rs, hbb_common/src/lib.Rs (get_uuid), machine-uid/src/lib.Rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id().\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-257",
                  "description": "CWE-257",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-1321",
                  "description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-323",
                  "description": "CWE-323",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-916",
                  "description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T17:05:28.602Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://github.com/rustdesk/rustdesk/discussions/9229"
            },
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://github.com/rustdesk/rustdesk/discussions/4979"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use one-way hashing (Argon2id) for passwords. Use OS-native credential stores (DPAPI, Keychain, libsecret) for recoverable secrets. Apply proper KDF. Use random nonces."
                }
              ],
              "value": "Use one-way hashing (Argon2id) for passwords. Use OS-native credential stores (DPAPI, Keychain, libsecret) for recoverable secrets. Apply proper KDF. Use random nonces."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Poly1305)",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Set restrictive file permissions on TOML config files. Avoid saving peer passwords."
                }
              ],
              "value": "Set restrictive file permissions on TOML config files. Avoid saving peer passwords."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30785",
        "datePublished": "2026-03-05T16:04:36.443Z",
        "dateReserved": "2026-03-05T14:13:35.407Z",
        "dateUpdated": "2026-03-06T10:32:38.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30783 (GCVE-0-2026-30783)

    Vulnerability from nvd – Published: 2026-03-05 15:52 – Updated: 2026-06-22 13:18
    VLAI
    Title
    RustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL Policies
    Summary
    A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling. This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-602 - Client-Side Enforcement of Server-Side Security
    • CWE-841 - Improper Enforcement of Behavioral Workflow
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30783",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T10:26:06.050744Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T10:27:23.721Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Client signaling",
                "API sync loop",
                "config management"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android",
                "WebClient"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/rendezvous_mediator.rs",
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "API sync loop"
                },
                {
                  "name": "api-server config handling"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any client deployment (OSS or Pro)"
                }
              ],
              "value": "Default \u2014 any client deployment (OSS or Pro)"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:webclient:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse.\u003cp\u003e This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.8.\u003c/p\u003e"
                }
              ],
              "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse.\n\n This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling.\n\n\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-122",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-122 Privilege Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602 Client-Side Enforcement of Server-Side Security",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-841",
                  "description": "CWE-841 Improper Enforcement of Behavioral Workflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:18:26.738Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Move enforcement to server side. Require Signed Session Authorization Tokens."
                }
              ],
              "value": "Move enforcement to server side. Require Signed Session Authorization Tokens."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL Policies",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Restrict physical/remote access to RustDesk config files"
                }
              ],
              "value": "Restrict physical/remote access to RustDesk config files"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30783",
        "datePublished": "2026-03-05T15:52:21.992Z",
        "dateReserved": "2026-03-05T14:13:35.407Z",
        "dateUpdated": "2026-06-22T13:18:26.738Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30791 (GCVE-0-2026-30791)

    Vulnerability from nvd – Published: 2026-03-05 14:47 – Updated: 2026-03-06 18:16
    VLAI
    Title
    RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation
    Summary
    Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files flutter/lib/common.Dart, hbb_common/src/config.Rs and program routines parseRustdeskUri(), importConfig(). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T18:16:06.560937Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T18:16:16.130Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Config import",
                "URI scheme handler",
                "CLI --config"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android",
                "WebClient"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "flutter/lib/common.dart",
                "hbb_common/src/config.rs"
              ],
              "programRoutines": [
                {
                  "name": "parseRustdeskUri()"
                },
                {
                  "name": "importConfig()"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any deployment using \"Encrypted Config\" strings\u003cbr\u003e"
                }
              ],
              "value": "Default \u2014 any deployment using \"Encrypted Config\" strings"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:webclient:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eflutter/lib/common.Dart\u003c/tt\u003e, \u003ctt\u003ehbb_common/src/config.Rs\u003c/tt\u003e and program routines \u003ctt\u003eparseRustdeskUri()\u003c/tt\u003e, \u003ctt\u003eimportConfig()\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files flutter/lib/common.Dart, hbb_common/src/config.Rs and program routines parseRustdeskUri(), importConfig().\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-684",
                  "description": "CWE-684",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:38:34.973Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Implement AES-256-GCM AEAD or equivalent authenticated encryption\u003cbr\u003e"
                }
              ],
              "value": "Implement AES-256-GCM AEAD or equivalent authenticated encryption"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Treat config strings as public; restrict distribution to trusted channels only\u003cbr\u003e"
                }
              ],
              "value": "Treat config strings as public; restrict distribution to trusted channels only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30791",
        "datePublished": "2026-03-05T14:47:56.960Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-06T18:16:16.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30785 (GCVE-0-2026-30785)

    Vulnerability from cvelistv5 – Published: 2026-03-05 16:04 – Updated: 2026-03-06 10:32
    VLAI
    Title
    RustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Poly1305)
    Summary
    Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.Rs, hbb_common/src/config.Rs, hbb_common/src/lib.Rs (get_uuid), machine-uid/src/lib.Rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id(). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-257
    • CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
    • CWE-323
    • CWE-916 - Use of Password Hash With Insufficient Computational Effort
    Assigner
    References
    URL Tags
    https://github.com/rustdesk/rustdesk/discussions/9229 technical-descriptionx_--config documentation
    https://github.com/rustdesk/rustdesk/discussions/4979 technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30785",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T10:32:18.593322Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T10:32:38.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Password security module",
                "config encryption",
                "machine UID"
              ],
              "packageName": "rustdesk, hbb_common",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "hbb_common/src/password_security.rs",
                "hbb_common/src/config.rs",
                "hbb_common/src/lib.rs (get_uuid)",
                "machine-uid/src/lib.rs"
              ],
              "programRoutines": [
                {
                  "name": "symmetric_crypt()"
                },
                {
                  "name": "encrypt_str_or_original()"
                },
                {
                  "name": "decrypt_str_or_original()"
                },
                {
                  "name": "get_uuid()"
                },
                {
                  "name": "get_machine_id()"
                }
              ],
              "repo": "https://github.com/rustdesk/hbb_common,https://github.com/rustdesk-org/machine-uid",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any desktop installation with permanent password or saved peers"
                }
              ],
              "value": "Default \u2014 any desktop installation with permanent password or saved peers"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003ehbb_common/src/password_security.Rs\u003c/tt\u003e, \u003ctt\u003ehbb_common/src/config.Rs\u003c/tt\u003e, \u003ctt\u003ehbb_common/src/lib.Rs (get_uuid)\u003c/tt\u003e, \u003ctt\u003emachine-uid/src/lib.Rs\u003c/tt\u003e and program routines \u003ctt\u003esymmetric_crypt()\u003c/tt\u003e, \u003ctt\u003eencrypt_str_or_original()\u003c/tt\u003e, \u003ctt\u003edecrypt_str_or_original()\u003c/tt\u003e, \u003ctt\u003eget_uuid()\u003c/tt\u003e, \u003ctt\u003eget_machine_id()\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.Rs, hbb_common/src/config.Rs, hbb_common/src/lib.Rs (get_uuid), machine-uid/src/lib.Rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id().\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-257",
                  "description": "CWE-257",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-1321",
                  "description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-323",
                  "description": "CWE-323",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-916",
                  "description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T17:05:28.602Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://github.com/rustdesk/rustdesk/discussions/9229"
            },
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://github.com/rustdesk/rustdesk/discussions/4979"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use one-way hashing (Argon2id) for passwords. Use OS-native credential stores (DPAPI, Keychain, libsecret) for recoverable secrets. Apply proper KDF. Use random nonces."
                }
              ],
              "value": "Use one-way hashing (Argon2id) for passwords. Use OS-native credential stores (DPAPI, Keychain, libsecret) for recoverable secrets. Apply proper KDF. Use random nonces."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Poly1305)",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Set restrictive file permissions on TOML config files. Avoid saving peer passwords."
                }
              ],
              "value": "Set restrictive file permissions on TOML config files. Avoid saving peer passwords."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30785",
        "datePublished": "2026-03-05T16:04:36.443Z",
        "dateReserved": "2026-03-05T14:13:35.407Z",
        "dateUpdated": "2026-03-06T10:32:38.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30783 (GCVE-0-2026-30783)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:52 – Updated: 2026-06-22 13:18
    VLAI
    Title
    RustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL Policies
    Summary
    A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling. This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-602 - Client-Side Enforcement of Server-Side Security
    • CWE-841 - Improper Enforcement of Behavioral Workflow
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30783",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T10:26:06.050744Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T10:27:23.721Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Client signaling",
                "API sync loop",
                "config management"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android",
                "WebClient"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/rendezvous_mediator.rs",
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "API sync loop"
                },
                {
                  "name": "api-server config handling"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any client deployment (OSS or Pro)"
                }
              ],
              "value": "Default \u2014 any client deployment (OSS or Pro)"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:webclient:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse.\u003cp\u003e This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.8.\u003c/p\u003e"
                }
              ],
              "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse.\n\n This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling.\n\n\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-122",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-122 Privilege Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602 Client-Side Enforcement of Server-Side Security",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-841",
                  "description": "CWE-841 Improper Enforcement of Behavioral Workflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:18:26.738Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Move enforcement to server side. Require Signed Session Authorization Tokens."
                }
              ],
              "value": "Move enforcement to server side. Require Signed Session Authorization Tokens."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL Policies",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Restrict physical/remote access to RustDesk config files"
                }
              ],
              "value": "Restrict physical/remote access to RustDesk config files"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30783",
        "datePublished": "2026-03-05T15:52:21.992Z",
        "dateReserved": "2026-03-05T14:13:35.407Z",
        "dateUpdated": "2026-06-22T13:18:26.738Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30790 (GCVE-0-2026-30790)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:49 – Updated: 2026-06-22 13:06
    VLAI

    This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

    Show details on NVD website

    {
      "containers": {
        "cna": {
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:06:15.128Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "rejectedReasons": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
                }
              ],
              "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30790",
        "datePublished": "2026-03-05T15:49:15.539Z",
        "dateRejected": "2026-06-22T13:06:15.128Z",
        "dateReserved": "2026-03-05T14:13:37.202Z",
        "dateUpdated": "2026-06-22T13:06:15.128Z",
        "state": "REJECTED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30789 (GCVE-0-2026-30789)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:41 – Updated: 2026-06-22 13:16
    VLAI
    Title
    RustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-Force
    Summary
    Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing. The authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery. This vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction). This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-916 - Use of Password Hash With Insufficient Computational Effort
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30789",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:32:41.844771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:32:45.784Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Client login",
                "peer authentication"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/client.rs"
              ],
              "programRoutines": [
                {
                  "name": "handle_hash()"
                },
                {
                  "name": "handle_login_from_ui() (login proof construction)"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any password-based authentication"
                }
              ],
              "value": "Default \u2014 any password-based authentication"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing.\u003cbr\u003e\u003cbr\u003eThe authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery.\u003cbr\u003e\u003cbr\u003eThis vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction).\u003cbr\u003e\u003cbr\u003eThis issue affects RustDesk Client: through 1.4.8."
                }
              ],
              "value": "Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing.\n\nThe authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery.\n\nThis vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction).\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available.\u003cbr\u003e"
                }
              ],
              "value": "PoC available."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-49",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-49 Password Brute Forcing"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-916",
                  "description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:16:30.794Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Add a client-side nonce to the auth proof and use a slow KDF (e.g., Argon2id). Transition to SRP."
                }
              ],
              "value": "Add a client-side nonce to the auth proof and use a slow KDF (e.g., Argon2id). Transition to SRP."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-Force",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use long (16+ char) random passwords. Enable 2FA where available."
                }
              ],
              "value": "Use long (16+ char) random passwords. Enable 2FA where available."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30789",
        "datePublished": "2026-03-05T15:41:51.417Z",
        "dateReserved": "2026-03-05T14:13:37.202Z",
        "dateUpdated": "2026-06-22T13:16:30.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30798 (GCVE-0-2026-30798)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:38 – Updated: 2026-06-22 13:17
    VLAI
    Title
    RustDesk Client Accepts Unauthenticated stop-service Command via Strategy Payload
    Summary
    Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop. This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    • CWE-755 - Improper Handling of Exceptional Conditions
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30798",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:32:18.919197Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:32:22.806Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Heartbeat sync loop",
                "strategy processing"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "stop-service handler in heartbeat loop"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Client connected to API server (or re-homed via rustdesk://config)"
                }
              ],
              "value": "Client connected to API server (or re-homed via rustdesk://config)"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation.\u003cp\u003e This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.8.\u003c/p\u003e"
                }
              ],
              "value": "Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation.\n\n This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop.\n\n\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available.\u003cbr\u003e"
                }
              ],
              "value": "PoC available."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-272",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-272 Protocol Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345 Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-755",
                  "description": "CWE-755 Improper Handling of Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:17:58.024Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Remove remote kill logic, or require time-limited signed payloads"
                }
              ],
              "value": "Remove remote kill logic, or require time-limited signed payloads"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Accepts Unauthenticated stop-service Command via Strategy Payload",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "None effective"
                }
              ],
              "value": "None effective"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30798",
        "datePublished": "2026-03-05T15:38:49.156Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:17:58.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30797 (GCVE-0-2026-30797)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:35 – Updated: 2026-03-17 14:31
    VLAI
    Title
    RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server
    Summary
    Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files flutter/lib/common.Dart and program routines importConfig() via URI handler. This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30797",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:31:54.962148Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:31:59.164Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Flutter URI scheme handler",
                "config import"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "flutter/lib/common.dart"
              ],
              "programRoutines": [
                {
                  "name": "importConfig() via URI handler"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
                }
              ],
              "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eflutter/lib/common.Dart\u003c/tt\u003e and program routines \u003ctt\u003eimportConfig() via URI handler\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files flutter/lib/common.Dart and program routines importConfig() via URI handler.\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-384",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-384 Application API Message Manipulation via Man-in-the-Middle"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862 Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-749",
                  "description": "CWE-749",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:53:48.123Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Require admin elevation and user confirmation. Add config to disable. Sign config payloads."
                }
              ],
              "value": "Require admin elevation and user confirmation. Add config to disable. Sign config payloads."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unregister the \u003ccode\u003erustdesk://\u003c/code\u003e URI scheme handler at OS level"
                }
              ],
              "value": "Unregister the rustdesk:// URI scheme handler at OS level"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30797",
        "datePublished": "2026-03-05T15:35:08.889Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-17T14:31:59.164Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30796 (GCVE-0-2026-30796)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:30 – Updated: 2026-06-22 13:17
    VLAI
    Title
    RustDesk Client Transmits Preset Address Book Password Verbatim in Heartbeat Sync
    Summary
    Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks. The client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the automatic invalid-certificate TLS downgrade (CVE-2026-30794) or a re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book. This vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password). This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30796",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:31:35.721954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:31:39.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Address book sync",
                "Heartbeat sync loop"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "heartbeat sync body builder (emits preset-address-book-password verbatim)"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "Server Pro",
                      "status": "affected"
                    }
                  ],
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Client with a preset address book password configured"
                }
              ],
              "value": "Client with a preset address book password configured"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks.\u003cbr\u003e\u003cbr\u003eThe client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the automatic invalid-certificate TLS downgrade (CVE-2026-30794) or a re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book.\u003cbr\u003e\u003cbr\u003eThis vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password).\u003cbr\u003e\u003cbr\u003eThis issue affects RustDesk Client: through 1.4.8."
                }
              ],
              "value": "Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks.\n\nThe client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the automatic invalid-certificate TLS downgrade (CVE-2026-30794) or a re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book.\n\nThis vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password).\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-157",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-157 Sniffing Attacks"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:17:31.551Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Transition Address Book API to SRP (Secure Remote Password)"
                }
              ],
              "value": "Transition Address Book API to SRP (Secure Remote Password)"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Transmits Preset Address Book Password Verbatim in Heartbeat Sync",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Avoid setting address book passwords; use account-based access only"
                }
              ],
              "value": "Avoid setting address book passwords; use account-based access only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30796",
        "datePublished": "2026-03-05T15:30:39.605Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:17:31.551Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30795 (GCVE-0-2026-30795)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:27 – Updated: 2026-03-17 14:31
    VLAI
    Title
    RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake Failure
    Summary
    Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines Heartbeat JSON payload construction (preset-address-book-password). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    URL Tags
    https://github.com/rustdesk/rustdesk product
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30795",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:31:11.597938Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:31:15.664Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Heartbeat sync loop"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs"
              ],
              "programRoutines": [
                {
                  "name": "Heartbeat JSON payload construction (preset-address-book-password)"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Pro server with address book password configured"
                }
              ],
              "value": "Pro server with address book password configured"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003esrc/hbbs_http/sync.Rs\u003c/tt\u003e and program routines \u003ctt\u003eHeartbeat JSON payload construction (preset-address-book-password)\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines Heartbeat JSON payload construction (preset-address-book-password).\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-157",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-157 Sniffing Attacks"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:49:01.779Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/rustdesk/rustdesk"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Hash or encrypt the credential before transmission. Transition to SRP."
                }
              ],
              "value": "Hash or encrypt the credential before transmission. Transition to SRP."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake Failure",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Avoid setting address book passwords; use account-based access only"
                }
              ],
              "value": "Avoid setting address book passwords; use account-based access only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30795",
        "datePublished": "2026-03-05T15:27:16.596Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-17T14:31:15.664Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30794 (GCVE-0-2026-30794)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:24 – Updated: 2026-06-22 13:07
    VLAI

    This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

    Show details on NVD website

    {
      "containers": {
        "cna": {
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:07:16.269Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "rejectedReasons": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
                }
              ],
              "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30794",
        "datePublished": "2026-03-05T15:24:34.784Z",
        "dateRejected": "2026-06-22T13:07:16.269Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:07:16.269Z",
        "state": "REJECTED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30793 (GCVE-0-2026-30793)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:21 – Updated: 2026-03-17 14:30
    VLAI
    Title
    RustDesk Flutter URI Handler Sets Permanent Password Without Privilege Check or User Confirmation
    Summary
    Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart, src/flutter_ffi.Rs and program routines URI handler for rustdesk://password/, bind.MainSetPermanentPassword(). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30793",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:30:47.078828Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:30:50.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Flutter URI scheme handler",
                "FFI bridge"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "flutter/lib/common.dart",
                "src/flutter_ffi.rs"
              ],
              "programRoutines": [
                {
                  "name": "URI handler for rustdesk://password/"
                },
                {
                  "name": "bind.mainSetPermanentPassword()"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
                }
              ],
              "value": "Default \u2014 RustDesk installed with URI scheme handler registered"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eflutter/lib/common.Dart\u003c/tt\u003e, \u003ctt\u003esrc/flutter_ffi.Rs\u003c/tt\u003e and program routines \u003ctt\u003eURI handler for rustdesk://password/\u003c/tt\u003e, \u003ctt\u003ebind.MainSetPermanentPassword()\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart, src/flutter_ffi.Rs and program routines URI handler for rustdesk://password/, bind.MainSetPermanentPassword().\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:44:10.703Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/rustdesk/rustdesk"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/rustdesk/hbb_common"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Synchronize privilege logic between CLI and GUI. Require user confirmation. Add config to disable."
                }
              ],
              "value": "Synchronize privilege logic between CLI and GUI. Require user confirmation. Add config to disable."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Flutter URI Handler Sets Permanent Password Without Privilege Check or User Confirmation",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unregister the \u003ccode\u003erustdesk://\u003c/code\u003e URI scheme handler at OS level"
                }
              ],
              "value": "Unregister the rustdesk:// URI scheme handler at OS level"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30793",
        "datePublished": "2026-03-05T15:21:03.405Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-17T14:30:50.566Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30792 (GCVE-0-2026-30792)

    Vulnerability from cvelistv5 – Published: 2026-03-05 15:14 – Updated: 2026-06-22 13:17
    VLAI
    Title
    RustDesk Client Blindly Merges Unauthenticated Strategy Payloads, Bypassing Local Security Settings
    Summary
    A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options(). This issue affects RustDesk Client: through 1.4.8.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/self-host/client-con… technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.8 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30792",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T10:24:56.279793Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T10:25:16.901Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Strategy sync",
                "HTTP API client",
                "config options engine"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android",
                "WebClient"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "src/hbbs_http/sync.rs",
                "hbb_common/src/config.rs"
              ],
              "programRoutines": [
                {
                  "name": "Strategy merge loop in sync.rs"
                },
                {
                  "name": "Config::set_options()"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Client connected to any API server (Pro). MiTM or re-homing can also trigger."
                }
              ],
              "value": "Client connected to any API server (Pro). MiTM or re-homing can also trigger."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:webclient:*:*:*:*:*",
                      "versionEndIncluding": "1.4.8",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle.\u003cp\u003e This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options().\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.8.\u003c/p\u003e"
                }
              ],
              "value": "A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle.\n\n This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options().\n\n\n\nThis issue affects RustDesk Client: through 1.4.8."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-384",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-384 Application API Message Manipulation via Man-in-the-Middle"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345 Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:17:04.057Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/self-host/client-configuration/advanced-settings/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Enforce runtime toggle checks. Implement payload signing with server private key."
                }
              ],
              "value": "Enforce runtime toggle checks. Implement payload signing with server private key."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Blindly Merges Unauthenticated Strategy Payloads, Bypassing Local Security Settings",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "None effective \u2014 \u003ccode\u003eallow-remote-config-modification\u003c/code\u003e toggle is ignored"
                }
              ],
              "value": "None effective \u2014 allow-remote-config-modification toggle is ignored"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30792",
        "datePublished": "2026-03-05T15:14:43.719Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-06-22T13:17:04.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-30791 (GCVE-0-2026-30791)

    Vulnerability from cvelistv5 – Published: 2026-03-05 14:47 – Updated: 2026-03-06 18:16
    VLAI
    Title
    RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation
    Summary
    Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files flutter/lib/common.Dart, hbb_common/src/config.Rs and program routines parseRustdeskUri(), importConfig(). This issue affects RustDesk Client: through 1.4.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://rustdesk.com/docs/en/client/ technical-descriptionx_--config documentation
    https://docs.google.com/document/d/e/2PACX-1vSds6… third-party-advisoryexploit
    https://www.vulsec.org/ vdb-entrythird-party-advisory
    Impacted products
    Vendor Product Version
    rustdesk-client RustDesk Client Affected: 0 , ≤ 1.4.5 (custom)
    Create a notification for this product.
    Date Public
    2026-03-05 13:45
    Credits
    Erez Kalman Erez Kalman
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-30791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-06T18:16:06.560937Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-06T18:16:16.130Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/rustdesk/rustdesk/releases",
              "defaultStatus": "affected",
              "modules": [
                "Config import",
                "URI scheme handler",
                "CLI --config"
              ],
              "packageName": "rustdesk-client",
              "platforms": [
                "Windows",
                "MacOS",
                "Linux",
                "iOS",
                "Android",
                "WebClient"
              ],
              "product": "RustDesk Client",
              "programFiles": [
                "flutter/lib/common.dart",
                "hbb_common/src/config.rs"
              ],
              "programRoutines": [
                {
                  "name": "parseRustdeskUri()"
                },
                {
                  "name": "importConfig()"
                }
              ],
              "repo": "https://github.com/rustdesk/rustdesk,https://github.com/rustdesk/hbb_common",
              "vendor": "rustdesk-client",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Default \u2014 any deployment using \"Encrypted Config\" strings\u003cbr\u003e"
                }
              ],
              "value": "Default \u2014 any deployment using \"Encrypted Config\" strings"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:webclient:*:*:*:*:*",
                      "versionEndIncluding": "1.4.5",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erez Kalman"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Erez Kalman"
            }
          ],
          "datePublic": "2026-03-05T13:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eflutter/lib/common.Dart\u003c/tt\u003e, \u003ctt\u003ehbb_common/src/config.Rs\u003c/tt\u003e and program routines \u003ctt\u003eparseRustdeskUri()\u003c/tt\u003e, \u003ctt\u003eimportConfig()\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects RustDesk Client: through 1.4.5.\u003c/p\u003e"
                }
              ],
              "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files flutter/lib/common.Dart, hbb_common/src/config.Rs and program routines parseRustdeskUri(), importConfig().\n\nThis issue affects RustDesk Client: through 1.4.5."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PoC available. Trivially exploitable.\u003cbr\u003e"
                }
              ],
              "value": "PoC available. Trivially exploitable."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-684",
                  "description": "CWE-684",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T16:38:34.973Z",
            "orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
            "shortName": "VULSec"
          },
          "references": [
            {
              "tags": [
                "technical-description",
                "x_--config documentation"
              ],
              "url": "https://rustdesk.com/docs/en/client/"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"
            },
            {
              "tags": [
                "vdb-entry",
                "third-party-advisory"
              ],
              "url": "https://www.vulsec.org/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Implement AES-256-GCM AEAD or equivalent authenticated encryption\u003cbr\u003e"
                }
              ],
              "value": "Implement AES-256-GCM AEAD or equivalent authenticated encryption"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Treat config strings as public; restrict distribution to trusted channels only\u003cbr\u003e"
                }
              ],
              "value": "Treat config strings as public; restrict distribution to trusted channels only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
        "assignerShortName": "VULSec",
        "cveId": "CVE-2026-30791",
        "datePublished": "2026-03-05T14:47:56.960Z",
        "dateReserved": "2026-03-05T14:13:37.203Z",
        "dateUpdated": "2026-03-06T18:16:16.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }