Plattform
flutter
Komponente
rustdesk
Behoben in
1.4.6
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in RustDesk Client versions 0.0 through 1.4.5. This vulnerability allows an attacker to potentially escalate privileges by crafting malicious requests that exploit the application's URI handling routines. The affected components include the Flutter application, FFI bridge modules, and specific routines like rustdesk://password/ and bind.MainSetPermanentPassword(). A fix is available; upgrade to a patched version to address this security concern.
The CSRF vulnerability in RustDesk Client allows an attacker to trick a legitimate user into unknowingly executing malicious actions within the application. Specifically, an attacker could leverage this flaw to modify the user's permanent password via the rustdesk://password/ URI handler, effectively gaining unauthorized access to the user's RustDesk session. The attack surface spans multiple platforms including Windows, MacOS, Linux, iOS, and Android, increasing the potential blast radius. Successful exploitation could lead to data breaches, unauthorized remote access, and potential compromise of systems connected to the RustDesk service. While no direct precedent exists for this specific vulnerability, CSRF vulnerabilities generally pose a significant risk due to their ease of exploitation and potential for widespread impact.
CVE-2026-30793 was publicly disclosed on 2026-03-05. There is currently no indication of active exploitation campaigns targeting this vulnerability. No public proof-of-concept (PoC) code has been released. The vulnerability is not currently listed on the CISA KEV catalog, suggesting a low to medium probability of exploitation given the lack of public tooling and confirmed attacks.
Users who rely on RustDesk Client for remote access, particularly those who frequently use the application on public or shared networks, are at increased risk. Individuals who have not enabled strong password policies or are prone to clicking on suspicious links are also more vulnerable.
• flutter / mobile: Inspect network traffic for suspicious requests to rustdesk://password/ from unexpected origins. Use mobile device monitoring tools to detect unauthorized application activity.
• generic web: Monitor access logs for requests containing the rustdesk://password/ URI scheme. Look for unusual user agent strings or referrer headers.
• generic web: Implement a WAF rule to block requests containing the rustdesk://password/ URI scheme from untrusted origins.
disclosure
Exploit-Status
EPSS
0.03% (7% Perzentil)
CISA SSVC
The primary mitigation for CVE-2026-30793 is to upgrade to a patched version of RustDesk Client. The vendor has not released a specific fixed version as of this writing, but monitor their official channels for updates. As a temporary workaround, consider implementing strict Content Security Policy (CSP) headers to restrict the origins from which RustDesk Client can load resources. Additionally, educate users about the risks of clicking on suspicious links and entering credentials on untrusted websites. After upgrading, verify the fix by attempting to trigger the password modification URI handler from a different origin and confirming that the request is blocked.
Actualice RustDesk Client a una versión posterior a la 1.4.5. Esto solucionará la vulnerabilidad CSRF que permite la escalada de privilegios al establecer una contraseña permanente sin verificación ni confirmación del usuario.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-30793 is a Cross-Site Request Forgery vulnerability affecting RustDesk Client versions 0.0 through 1.4.5, allowing attackers to potentially escalate privileges.
If you are using RustDesk Client versions 0.0 to 1.4.5, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as it becomes available.
The recommended fix is to upgrade to a patched version of RustDesk Client. Monitor the vendor's official channels for updates. Implement CSP headers as a temporary workaround.
As of now, there is no indication of active exploitation campaigns targeting CVE-2026-30793, but vigilance is still advised.
Refer to the official RustDesk Client website and security advisories for the latest information and updates regarding CVE-2026-30793.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine pubspec.lock-Datei hoch und wir sagen dir sofort, ob du betroffen bist.