RSS   Vulnerabilities for 'Emote remote mouse'   RSS

2021-05-07
 
CVE-2021-27569

CWE-862
 

 
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic.

 
 
CVE-2021-27570

CWE-862
 

 
An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic.

 
 
CVE-2021-27571

CWE-862
 

 
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic.

 
 
CVE-2021-27573

CWE-862
 

 
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can execute arbitrary code via crafted UDP packets with no prior authorization or authentication.

 
 
CVE-2021-27574

CWE-494
 

 
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.

 


Copyright 2024, cxsecurity.com

 

Back to Top