Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RustDesk Client Blindly Merges Unauthenticated Strategy Payloads, Bypassing Local Security Settings
Vulnerability Description
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options(). This issue affects RustDesk Client: through 1.4.5.
CVSS Information
N/A
Vulnerability Type
违背安全设计原则
Vulnerability Title
RustDesk 安全漏洞
Vulnerability Description
RustDesk是RustDesk个人开发者的一款远程访问和远程控制软件,主要由 Rust 编写,可以远程维护计算机和其他设备。 RustDesk 1.4.5及之前版本存在安全漏洞,该漏洞源于策略同步和HTTP API客户端等模块存在问题,可能导致通过中间人攻击操纵应用API消息。
CVSS Information
N/A
Vulnerability Type
N/A