RustDesk Server Pro Cleartext Transmission Vulnerability

Vulnerability

A vulnerability in RustDesk Server Pro in versions through 1.7.5 allows for sniffing attacks due to the cleartext transmission of sensitive information. This issue arises in the address book sync API modules across Windows, macOS, and Linux. The vulnerability is linked to the heartbeat API handler, which accepts preset address book passwords in plaintext.

Impact

Exploitation of this vulnerability could lead to unauthorized interception of sensitive information, specifically address book passwords, which are transmitted in cleartext.

Added: Mar 5, 2026, 4:23 PM

Updated: Mar 5, 2026, 4:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.0

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.0

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

RustDesk Server Pro Cleartext Transmission Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating