Primary

Context

Unified Remote Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in Unified Remote version 3.9.0.2463. This issue allows attackers to send crafted network packets to execute arbitrary commands. Exploitation involves connecting to port 9512 and transmitting specially crafted packets that can open a command prompt, download, and execute malicious payloads.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Reproduction

To reproduce this vulnerability, connect to the target machine's port 9512. Send a packet that initializes a connection with the Unified Remote application. After the connection is established, send a packet to open the command prompt. Once the command prompt is open, transmit a command to download a payload from a specified URL into the Windows Temp directory and execute it.

Added: Jan 23, 2026, 5:41 PM

Updated: Jan 23, 2026, 5:41 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

5.6

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

5.6

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Unified Remote Remote Code Execution Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Unified Remote

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating