CVE-2026-30784
Received Received - Intake

Missing Authentication in RustDesk Server Enables Privilege Abuse

Vulnerability report for CVE-2026-30784, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-05

Last updated on: 2026-06-22

Assigner: VULSec Labs

Description

Rejected reason: This CVE ID has been withdrawn by its CVE Numbering Authority.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-05
Last Modified
2026-06-22
Generated
2026-07-06
AI Q&A
2026-03-05
EPSS Evaluated
2026-06-21
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
rustdesk rustdesk_server to 1.7.5 (inc)
rustdesk rustdesk_server to 1.1.15 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a Missing Authorization and Missing Authentication issue in the RustDesk Server components, specifically in the rendezvous server (hbbs) and relay server (hbbr) modules. It affects all server platforms running rustdesk-server or rustdesk-server-pro through versions 1.7.5 and 1.1.15. The problem lies in certain program files and routines, such as handle_punch_hole_request() and RegisterPeer handler, which allow an attacker to abuse privileges by bypassing necessary authentication or authorization checks for critical functions.

Impact Analysis

Because this vulnerability allows privilege abuse due to missing authentication and authorization, an attacker could potentially perform unauthorized actions on the RustDesk Server. This could lead to unauthorized access to communication sessions, manipulation of server functions, or interception of connections that rely on the rendezvous and relay servers. Such impacts could compromise the confidentiality and integrity of communications facilitated by RustDesk.

Compliance Impact

I don't know

Detection Guidance

This vulnerability affects the RustDesk Server components hbbs (rendezvous server) and hbbr (relay server) on specific TCP and UDP ports. To detect potential exploitation or presence of the vulnerable services on your network, you can scan for open ports associated with RustDesk Server.

  • Use a port scanning tool like nmap to check for open RustDesk server ports: nmap -p 21114-21119,21116/udp <target-ip>
  • Check running processes on the server for rustdesk-server binaries (hbbs, hbbr) using commands like: ps aux | grep rustdesk
  • Monitor network traffic on the RustDesk ports (TCP 21114-21119 and UDP 21116) for unusual or unauthorized requests, especially those related to signaling and relay functions.

Since the vulnerability involves missing authorization and authentication in critical functions, reviewing server logs for unexpected or unauthorized peer registration or relay forwarding requests may help detect exploitation attempts.

Mitigation Strategies

Immediate mitigation steps include restricting access to the RustDesk server ports to trusted networks only, as the vulnerability allows privilege abuse via missing authentication and authorization.

  • Implement firewall rules to limit inbound traffic on TCP ports 21114-21119 and UDP port 21116 to known and trusted IP addresses.
  • If possible, disable or restrict the vulnerable modules (hbbs and hbbr) until a patched version is available.
  • Monitor server logs for suspicious activity related to peer registration and relay forwarding.

Ultimately, update RustDesk Server to a version later than 1.7.5 (or 1.1.15 for the affected components) once a fix is released to fully remediate the vulnerability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30784. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart