Skip to main content

Dameware Mini Remote Control

6 CVEs product

Monthly

CVE-2021-31217 CRITICAL Act Now

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Dameware Mini Remote Control
NVD
CVSS 3.1
9.1
EPSS
3.8%
CVE-2019-3980 CRITICAL POC Act Now

The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dameware Mini Remote Control
NVD
CVSS 3.1
9.8
EPSS
5.2%
CVE-2019-3957 HIGH POC THREAT This Week

Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Dameware Mini Remote Control
NVD
CVSS 3.1
7.4
EPSS
25.6%
CVE-2019-9017 HIGH POC THREAT This Week

DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Dameware Mini Remote Control
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
20.6%
CVE-2018-12897 HIGH POC This Week

SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Dameware Mini Remote Control
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.7%
CVE-2015-8220 HIGH PATCH Act Now

Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 56.5%.

RCE Buffer Overflow Dameware Mini Remote Control
NVD
CVSS 2.0
7.5
EPSS
56.5%
EPSS 4% CVSS 9.1
CRITICAL Act Now

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Dameware Mini Remote Control
NVD
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dameware Mini Remote Control
NVD
EPSS 26% CVSS 7.4
HIGH POC THREAT This Week

Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Dameware Mini Remote Control
NVD
EPSS 21% CVSS 7.5
HIGH POC THREAT This Week

DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Dameware Mini Remote Control
NVD Exploit-DB
EPSS 2% CVSS 7.8
HIGH POC This Week

SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Dameware Mini Remote Control
NVD Exploit-DB
EPSS 56% CVSS 7.5
HIGH PATCH Act Now

Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 56.5%.

RCE Buffer Overflow Dameware Mini Remote Control
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy