CVE-2026-30790
Published: Mar 5, 2026
Modified: Mar 10, 2026
Description
Improper Restriction of Excessive Authentication Attempts, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Peer authentication, API login modules), rustdesk-server RustDesk Server (OSS) rustdesk-server on Windows, MacOS, Linux (Peer authentication, API login modules) allows Password Brute Forcing. This vulnerability is associated with program files src/server/connection.Rs and program routines Salt/challenge generation, SHA256(SHA256(pwd+salt)+challenge) verification. This issue affects RustDesk Server Pro: through 1.7.5; RustDesk Server (OSS): through 1.1.15.
| Vendor | Product | Versions |
|---|---|---|
rustdesk-server-pro | RustDesk Server Pro | affected 0 - <= 1.7.5 |
rustdesk-server | RustDesk Server (OSS) | affected 0 - <= 1.1.15 |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now