CVE-2026-27182 Saturn Remote Mouse Server UDP Command Injection RCE

Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send malformed packets with unsanitized command data that the...

📄 Saturn Remote Mouse Server 1.0.4.0 Remote Code Execution

Saturn Remote Mouse Server version 1.0.4.0 exposes an unauthenticated UDP command interface port 27000 allowing remote attackers to inject keystrokes. This proof of concept demonstrates remote code execution by simulating Windows key combinations to spawn cmd.exe and execute malicious PowerShell...

CVE-2022-3365

Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS commands over theproduct's custom control protocol. A Metasploit...

CVE-2022-3365

Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS commands over theproduct's custom control protocol. A Metasploit...

CVE-2022-3365

CVE-2022-3365 affects Remote Mouse Server by Emote Interactive. The Red Hat, NVD, and CVE records describe unauthenticated remote code execution via the server’s protocol, tied to weak encoding (trivial substitution cipher) and default password use when none is set, with Metasploit tests against ...

PT-2025-1362 · Emote Interactive · Remote Mouse Server

Name of the Vulnerable Software and Affected Versions: Remote Mouse Server by Emote Interactive version 4.110 Description: The issue arises due to the product's reliance on a trivial substitution cipher sent in cleartext and its use of a default password when no password is set by the user. This...

Remote Mouse 4.110 Remote Code Execution Exploit

This Metasploit module utilizes the Remote Mouse Server by Emote Interactive protocol to deploy a payload and run it from the server. This module will only deploy a payload if the server is set without a password default. Tested against 4.110, current at the time of module writing. This module...

Remote Mouse 4.110 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Remote Mouse RCE', 'Description' = %q This module utilizes the Remote Mouse Server by Emote Interactive protocol to deploy a payload and run it...

Rapid7 Metasploit 安全漏洞

Rapid7 Metasploit is a suite of penetration testing software from the US-based company Rapid7. Rapid7 Metasploit suffers from a security vulnerability that stems from its use of the Remote Mouse Server protocol to deploy a payload and run it from a server, a module that only deploys a payload if...