CVE-2026-30784
Received Received - Intake
Missing Authentication in RustDesk Server Enables Privilege Abuse

Publication date: 2026-03-05

Last updated on: 2026-03-25

Assigner: VULSec Labs

Description
Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms (Rendezvous server (hbbs), relay server (hbbr) modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_server.Rs, src/relay_server.Rs and program routines handle_punch_hole_request(), RegisterPeer handler, relay forwarding. This issue affects RustDesk Server: through 1.7.5, through 1.1.15.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-05
Last Modified
2026-03-25
Generated
2026-06-16
AI Q&A
2026-03-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-30784
EUVD
EUVD-2026-9832
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
rustdesk rustdesk_server to 1.7.5 (inc)
rustdesk rustdesk_server to 1.1.15 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Missing Authorization and Missing Authentication issue in the RustDesk Server components, specifically in the rendezvous server (hbbs) and relay server (hbbr) modules. It affects all server platforms running rustdesk-server or rustdesk-server-pro through versions 1.7.5 and 1.1.15. The problem lies in certain program files and routines, such as handle_punch_hole_request() and RegisterPeer handler, which allow an attacker to abuse privileges by bypassing necessary authentication or authorization checks for critical functions.

Impact Analysis

Because this vulnerability allows privilege abuse due to missing authentication and authorization, an attacker could potentially perform unauthorized actions on the RustDesk Server. This could lead to unauthorized access to communication sessions, manipulation of server functions, or interception of connections that rely on the rendezvous and relay servers. Such impacts could compromise the confidentiality and integrity of communications facilitated by RustDesk.

Compliance Impact

I don't know

Detection Guidance

This vulnerability affects the RustDesk Server components hbbs (rendezvous server) and hbbr (relay server) on specific TCP and UDP ports. To detect potential exploitation or presence of the vulnerable services on your network, you can scan for open ports associated with RustDesk Server.

  • Use a port scanning tool like nmap to check for open RustDesk server ports: nmap -p 21114-21119,21116/udp <target-ip>
  • Check running processes on the server for rustdesk-server binaries (hbbs, hbbr) using commands like: ps aux | grep rustdesk
  • Monitor network traffic on the RustDesk ports (TCP 21114-21119 and UDP 21116) for unusual or unauthorized requests, especially those related to signaling and relay functions.

Since the vulnerability involves missing authorization and authentication in critical functions, reviewing server logs for unexpected or unauthorized peer registration or relay forwarding requests may help detect exploitation attempts.

Mitigation Strategies

Immediate mitigation steps include restricting access to the RustDesk server ports to trusted networks only, as the vulnerability allows privilege abuse via missing authentication and authorization.

  • Implement firewall rules to limit inbound traffic on TCP ports 21114-21119 and UDP port 21116 to known and trusted IP addresses.
  • If possible, disable or restrict the vulnerable modules (hbbs and hbbr) until a patched version is available.
  • Monitor server logs for suspicious activity related to peer registration and relay forwarding.

Ultimately, update RustDesk Server to a version later than 1.7.5 (or 1.1.15 for the affected components) once a fix is released to fully remediate the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30784. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart