CVE-2026-3598
Received Received - Intake
Risky Cryptography in RustDesk Server Pro Enables Data Exposure

Publication date: 2026-03-05

Last updated on: 2026-03-25

Assigner: VULSec Labs

Description
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Config string generation, web console export modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routines Config export/generation routines. This issue affects RustDesk Server Pro: through 1.7.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-05
Last Modified
2026-03-25
Generated
2026-06-16
AI Q&A
2026-03-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-3598
EUVD
EUVD-2026-9823
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rustdesk rustdesk_server to 1.7.5 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-684 The code does not function according to its published specifications, potentially leading to incorrect usage.
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the use of a broken or risky cryptographic algorithm in RustDesk Server Pro (rustdesk-server-pro) on Windows, MacOS, and Linux. Specifically, it affects the configuration string generation and web console export modules, allowing an attacker to retrieve embedded sensitive data. The issue is related to the program routines responsible for configuration export and generation.

Impact Analysis

The vulnerability can lead to unauthorized retrieval of embedded sensitive data from the affected RustDesk Server Pro application. This could result in exposure of confidential information, potentially compromising system security and user privacy.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3598. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart