QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-30784

Back to search

CVE-2026-30784

Published: Mar 5, 2026

Modified: Mar 6, 2026

PUBLISHED

Description

Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms (Rendezvous server (hbbs), relay server (hbbr) modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_server.Rs, src/relay_server.Rs and program routines handle_punch_hole_request(), RegisterPeer handler, relay forwarding. This issue affects RustDesk Server: through 1.7.5, through 1.1.15.

VendorProductVersions

rustdesk-server

RustDesk Server

affected
0 - <= 1.7.5
affected
0 - <= 1.1.15

Weaknesses (CWE)

CWE-862
CWE-306

References

https://rustdesk.com/docs/en/self-host/
technical-description
product
https://www.vulsec.org/
vdb-entry
third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now