Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RustDesk Client Generates Auth Proof Without Client-Side Nonce, Enabling Replay Attacks
Vulnerability Description
Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction. This issue affects RustDesk Client: through 1.4.5.
CVSS Information
N/A
Vulnerability Type
使用捕获-重放进行的认证绕过
Vulnerability Title
RustDesk 安全漏洞
Vulnerability Description
RustDesk是RustDesk个人开发者的一款远程访问和远程控制软件,主要由 Rust 编写,可以远程维护计算机和其他设备。 RustDesk 1.4.5及之前版本存在安全漏洞,该漏洞源于身份验证重放绕过和密码哈希计算强度不足,可能导致重用会话ID。
CVSS Information
N/A
Vulnerability Type
N/A