RustDesk Server Missing Authorization Vulnerability Allowing Privilege Abuse

Vulnerability

A vulnerability in RustDesk Server in the hbbs (Rendezvous) and hbbr (relay) modules, all server platforms, allows privilege abuse due to missing authorization and authentication for critical functions. This issue affects RustDesk Server versions through 1.7.5 and 1.1.15.

Impact

The vulnerability allows unauthorized users to abuse privileges, potentially leading to unauthorized actions or access within the application.

Added: Mar 5, 2026, 4:28 PM

Updated: Mar 5, 2026, 4:28 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

3.8

exploitability

7.2

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

3.8

exploitability

7.2

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

RustDesk Server Missing Authorization Vulnerability Allowing Privilege Abuse

Vulnerability

Impact

Affected Products

RustDesk Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating