Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RustDesk Flutter URI Handler Sets Permanent Password Without Privilege Check or User Confirmation
Vulnerability Description
Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart, src/flutter_ffi.Rs and program routines URI handler for rustdesk://password/, bind.MainSetPermanentPassword(). This issue affects RustDesk Client: through 1.4.5.
CVSS Information
N/A
Vulnerability Type
授权机制不恰当
Vulnerability Title
RustDesk 安全漏洞
Vulnerability Description
RustDesk是RustDesk个人开发者的一款远程访问和远程控制软件,主要由 Rust 编写,可以远程维护计算机和其他设备。 RustDesk 1.4.5及之前版本存在安全漏洞,该漏洞源于容易受到跨站请求伪造攻击,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A