110 matches found
CVE-2021-27571
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic...
Authentication flaw
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
Design/Logic Flaw
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...
Authentication flaw
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can execute arbitrary code via crafted UDP packets with no prior authorization or authentication...
Authentication flaw
An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
Design/Logic Flaw
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27574
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...
CVE-2021-27574
The CVE-2021-27574 issue affects Emote Remote Mouse up to version 4.0.0.0, where the update mechanism uses cleartext HTTP to check and fetch updates. This design enables a man-in-the-middle attacker to replace a legitimate update with a malicious binary without triggering SSL errors or warnings. ...
CVE-2021-27573
CVE-2021-27573 affects Emote Remote Mouse (up to version 4.0.0.0). The issue allows remote unauthenticated users to execute arbitrary code by sending crafted UDP packets, without prior authorization or authentication. Red Hat and CNVD entries reiterate that this vulnerability originates from unau...
CVE-2021-27573
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can execute arbitrary code via crafted UDP packets with no prior authorization or authentication...
CVE-2021-27572
The CVE-2021-27572 issue affects Emote Remote Mouse (up to version 4.0.0.0). The root cause is an authentication bypass via crafted UDP packets triggering a packet replay, enabling remote unauthenticated users to execute arbitrary code. Multiple sources (NVD, Red Hat advisory) corroborate that a ...
CVE-2021-27572
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set...
CVE-2021-27571
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27571
CVE-2021-27571 affects Emote Remote Mouse up to version 4.0.0.0. The issue allows an attacker to retrieve recently used and running applications, their icons, and their file paths. The data is sent in cleartext and not protected by any authentication logic. Connected documents confirm the affecte...
CVE-2021-27570
CVE-2021-27570 affects Emote Remote Mouse (≤3.015). An attacker can remotely close any running process by sending the process name in a crafted packet. The affected communications are sent in cleartext and lack authentication, enabling network-based exploitation with low complexity and no privile...
CVE-2021-27570
An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27569
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27569
CVE-2021-27569 affects Emote Remote Mouse (up to version 4.0.0.0). Red Hat and CNVD entries confirm a vulnerability where an attacker can maximize or minimize a running process window by sending the process name in a crafted packet. The issue is transmitted in cleartext and lacks authentication p...
6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS
As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named 'Mouse Trap,' were disclosed on Wednesday by security researcher Axel Persinger, who...
Emote Remote Mouse 安全漏洞
Remote Mouse is a remote mouse application. A security vulnerability exists in Emote Remote Mouse 4.0.0.0 and earlier versions, which can be exploited by an attacker to maximize or minimize the window of a running process by sending the process name in a crafted packet...