Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
devolutions remote desktop manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5765
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and previous versions on Windows allows an malicious user to bypass permissions via data source switching.
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-5766
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and previous versions on Windows allows an malicious user to remotely execute code from another windows user session on the same host via a specially crafted TCP packet.
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and previous versions on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
Devolutions Remote Desktop Manager
4.4
CVSSv3
CVE-2023-7047
Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This af...
Devolutions Remote Desktop Manager
6.5
CVSSv3
CVE-2023-2282
Improper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and previous versions on Windows allows an authenticated user to bypass administrator-enforced Web Login restrictions and gain access to entries via an unexpected vector.
Devolutions Remote Desktop Manager
5.4
CVSSv3
CVE-2024-0589
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and previous versions on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.
Devolutions Remote Desktop Manager
6.5
CVSSv3
CVE-2023-4417
Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and previous versions versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults v...
Devolutions Remote Desktop Manager
NA
CVE-2024-3545
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and previous versions on windows and Devolutions Server 2024.1.8 and previous versions allows an malicious user to access sensitive informations contained in the offlin...
NA
CVE-2024-2403
Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and previous versions on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the tem...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3