Lucene search
+L
DevolutionsRemote Desktop Manager

10 matches found

CVE
CVE
added 2021/04/01 9:53 p.m.164 views

CVE-2021-23922

CVE-2021-23922 refers to a cross-site scripting (XSS) vulnerability in Devolutions Remote Desktop Manager (webviews) affecting versions prior to 2020.2.12 . The issue is documented across multiple sources (NVD/CNVD/CVE listings) with CVSS metrics indicating a network-exposed vulnerability, mitiga...

5.4CVSS5.3AI score0.01149EPSS
CVE
CVE
added 2024/09/25 3:12 p.m.83 views

CVE-2024-7421

The vulnerability CVE-2024-7421 affects Devolutions Remote Desktop Manager (versions up to 2024.2.20.0) on Windows. The issue is an information exposure where credentials used for WinSCP sessions can be retrieved by local attackers who can access system logs, via passwords found in command-line a...

5.5CVSS6.5AI score0.00152EPSS
CVE
CVE
added 2021/04/01 8:1 p.m.76 views

CVE-2021-28047

CVE-2021-28047 affects Devolutions Remote Desktop Manager. The vulnerability is a Cross-Site Scripting (XSS) in Administration Reports present in versions prior to 2021.1, exploitable by a remote authenticated user who can inject arbitrary web script or HTML via multiple input fields. The connect...

5.4CVSS5.1AI score0.01075EPSS
CVE
CVE
added 2024/11/25 2:46 p.m.73 views

CVE-2024-11670

The CVE-2024-11670 issue affects Devolutions Remote Desktop Manager (Windows) versions 2024.2.21 and earlier, due to incorrect authorization in the permission validation component that lets an authenticated user bypass the View Password permission. Documents from Red Hat, Tenable Nessus, CVE list...

5.4CVSS6.9AI score0.00639EPSS
CVE
CVE
added 2024/11/25 2:46 p.m.66 views

CVE-2024-11671

CVE-2024-11671 concerns Devolutions Remote Desktop Manager on Windows. Multiple sources confirm an improper authentication flaw in the SQL data source MFA validation, enabling an authenticated user to bypass MFA by switching data sources. Affected product/version: Devolutions Remote Desktop Manag...

5.4CVSS7.7AI score0.00513EPSS
CVE
CVE
added 2025/03/26 5:14 p.m.63 views

CVE-2025-2499

CVE-2025-2499 affects Devolutions Remote Desktop Manager for Windows. The issue is a client-side access control bypass in the permission component, allowing an authenticated user to bypass specific restrictions (View Password, Edit Asset, Edit Permissions) by performing certain actions. Affected ...

5.4CVSS7AI score0.00363EPSS
CVE
CVE
added 2024/01/31 1:4 p.m.60 views

CVE-2024-0589

CVE-2024-0589 is an XSS vulnerability in Devolutions Remote Desktop Manager (RDM) for Windows, affecting version 2023.3.36 and earlier. The issue resides in the entry overview tab, where an attacker with access to a data source can inject a malicious script via a specially crafted input in an ent...

5.4CVSS5.3AI score0.00295EPSS
CVE
CVE
added 2025/03/26 5:24 p.m.60 views

CVE-2025-2562

CVE-2025-2562 describes insufficient logging in the autotyping feature of Devolutions Remote Desktop Manager for Windows, enabling an authenticated user to use a stored password without generating a log event. Affected versions are 2025.1.24–2025.1.25 and all versions up to 2024.3.29. Remediation...

5.4CVSS7AI score0.00386EPSS
CVE
CVE
added 2024/03/13 6:5 p.m.49 views

CVE-2024-2403

CVE-2024-2403 affects Devolutions Remote Desktop Manager prior to 2024.1.12 on Windows. The root cause is improper cleanup in the temporary file handling component, which may allow an attacker who has already compromised a user endpoint to access sensitive information via residual files in the te...

5.9CVSS6.4AI score0.00421EPSS
CVE
CVE
added 2026/06/15 11:56 p.m.35 views

CVE-2026-12162

The CVE-2026-12162 entry affects Devolutions Remote Desktop Manager 2026.2.8, due to an improper host validation in the social login autofill feature. The underlying issue allows an attacker to disclose stored social login credentials by pointing a crafted web entry to a provider domain that look...

5.5CVSS5.3AI score0.00112EPSS