CVE-2026-30790
Brute Force Vulnerability in RustDesk Server Authentication Modules
Publication date: 2026-03-05
Last updated on: 2026-03-25
Assigner: VULSec Labs
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rustdesk | rustdesk_server | to 1.7.5 (inc) |
| rustdesk | rustdesk_server | to 1.1.15 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-916 | The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive. |
| CWE-307 | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can allow attackers to perform password brute forcing attacks on RustDesk Server Pro and RustDesk Server (OSS), potentially gaining unauthorized access to remote desktop sessions or administrative functions. Successful exploitation could lead to compromise of sensitive data, unauthorized control over remote systems, and disruption of services.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
Can you explain this vulnerability to me?
CVE-2026-30790 is a vulnerability in RustDesk Server Pro and RustDesk Server (OSS) that allows password brute forcing due to improper restriction of excessive authentication attempts and the use of password hashing with insufficient computational effort. This affects the peer authentication and API login modules on Windows, MacOS, and Linux platforms. The vulnerability involves weak password hashing and inadequate challenge-response verification mechanisms, making it easier for attackers to guess passwords through repeated attempts.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves improper restriction of excessive authentication attempts and use of password hashes with insufficient computational effort, allowing password brute forcing on RustDesk Server Pro and RustDesk Server (OSS). Detection would involve monitoring for repeated failed authentication attempts on the peer authentication and API login modules.
Since the vulnerability relates to brute force attacks, you can detect it by analyzing authentication logs for multiple failed login attempts from the same IP or user.
- Use system or application logs to identify repeated failed login attempts.
- On Linux systems, commands like `grep 'failed' /var/log/auth.log` or `journalctl -u rustdesk-server` (if applicable) can help find authentication failures.
- Network monitoring tools can be used to detect unusual authentication traffic patterns targeting the RustDesk server ports.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include limiting authentication attempts to prevent brute force attacks and updating the RustDesk Server Pro and RustDesk Server (OSS) to versions beyond those affected (i.e., versions later than 1.7.5 for Pro and 1.1.15 for OSS).
Additional measures include implementing stronger password policies, enabling account lockout mechanisms, and monitoring authentication logs for suspicious activity.