📄 AndroMouse Server 8.0 Unauthenticated Directory Enumeration

AndroMouse Server version 8.0 exposes an unauthenticated TCP command interface on port 8888. A remote attacker can send crafted commands to enumerate the contents of arbitrary directories on the host file system, without user interaction or authentication. Exploit Title: AndroMouse Server 8.0 –...

📄 AndroMouse Server 8.0 Unauthenticated Remote System Control

AndroMouse Server version 8.0 allows attackers to send UDP commands to remotely restart, shutdown, sleep, lock, or log off the target machine without authentication. This leads to unauthorized power state manipulation and potential denial of service. Exploit Title: AndroMouse Server 8.0 –...

📄 AndroMouse Server 8.0 Remote Code Execution

AndroMouse Server version 8.0 proof of concept that exploits an unauthenticated UDP interface to simulate mouse/keyboard actions and execute malicious commands via certutil. Exploit Title: AndroMouse Server 8.0 - Remote Code Execution Date: 03/07/25 Exploit Author: Chokri Hammedi Vendor Homepage:...

📄 AndroMouse Server 8.0 Unauthenticated Screenshot Exposure

AndroMouse Server version 8.0 listens on TCP/UDP port 8888 and allows unauthenticated retrieval of desktop screenshots. Attackers can abuse this feature by repeatedly requesting screenshots to create a covert live monitoring stream, compromising user privacy without any notification or consent...