Skip to main content

Lazy Mouse

3 CVEs product

Monthly

CVE-2022-45481 CRITICAL Act Now

The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Lazy Mouse
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-45483 MEDIUM This Month

Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Lazy Mouse
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2022-45482 CRITICAL Act Now

Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Brute Force Lazy Mouse
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 2% CVSS 9.8
CRITICAL Act Now

The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Lazy Mouse
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Lazy Mouse
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Brute Force Lazy Mouse
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy