Devolutions Remote Desktop Manager

9 matches found

CVE • added 2021/04/01 10:15 p.m. • 152 views

CVE-2021-23922

An issue was discovered in Devolutions Remote Desktop Manager before 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews.

CVSS 5.4 | AI score 5.3 | EPSS 0.00272

CVE • added 2021/04/01 9:15 p.m. • 63 views

CVE-2021-28047

Cross-Site Scripting (XSS) in Administrative Reports in Devolutions Remote Desktop Manager before 2021.1 allows remote authenticated users to inject arbitrary web script or HTML via multiple input fields.

CVSS 5.4 | AI score 5.1 | EPSS 0.00192

CVE • added 2024/09/25 4:15 p.m. • 62 views

CVE-2024-7421

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions.

CVSS 5.5 | AI score 6.5 | EPSS 0.00041

CVE • added 2024/11/25 3:15 p.m. • 54 views

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching.

CVSS 5.4 | AI score 7.7 | EPSS 0.00069

CVE • added 2024/11/25 3:15 p.m. • 51 views

CVE-2024-11670

Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the "View Password" permission via specific actions.

CVSS 5.4 | AI score 6.9 | EPSS 0.00098

CVE • added 2025/03/26 6:15 p.m. • 49 views

CVE-2025-2499

Client side access control bypass in the permission component in Devolutions Remote Desktop Manager on Windows. An authenticated user can exploit this flaw to bypass certain permission restrictions—specifically View Password, Edit Asset, and Edit Permissions by performing specific actions. This issu...

CVSS 5.4 | AI score 7 | EPSS 0.00039

CVE • added 2025/03/26 6:15 p.m. • 45 views

CVE-2025-2562

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from 20...

CVSS 5.4 | AI score 7 | EPSS 0.00068

CVE • added 2024/01/31 1:15 p.m. • 42 views

CVE-2024-0589

Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.

CVSS 5.4 | AI score 5.3 | EPSS 0.005

CVE • added 2024/03/13 6:15 p.m. • 35 views

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory.

CVSS 5.9 | AI score 6.4 | EPSS 0.00202