anonhaven
Ad

CVE-2026-30792

CRITICAL CVSS 4.0: 9.1 EPSS 0.04%
Updated Mar 05, 2026
Linux
Parameter Value
CVSS 9.1 (CRITICAL)
Type CWE-657
Vendor Linux
Public PoC No

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options(). This issue affects RustDesk Client: through 1.4.5.

Attack Parameters

Attack Vector
Network
Атака возможна удалённо
Attack Complexity
Low
Легко эксплуатировать
Attack Requirements
Present
Нужны дополнительные условия
Privileges Required
None
Права не нужны
User Interaction
None
Не нужно действие пользователя

Impact Assessment

Confidentiality
High
Полная утечка данных
Integrity
High
Полная модификация данных
Availability
None
Нет нарушения работы

CVSS Vector v4.0

Weakness Type (CWE)

CWE-657

References 3

https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozA…
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://rustdesk.com/docs/en/self-host/client-configuration/advanced-settings/
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://www.vulsec.org/
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-28726

Linux

4.3

CVE-2026-28725

Linux

5.5

CVE-2026-28724

Linux

4.3

CVE-2026-28723

Linux

4.3

CVE-2026-28720

Linux

4.3