CVE-2026-30784
RustDesk hbbs/hbbr Servers Broker Connections Without Any Authorization Check
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms (Rendezvous server (hbbs), relay server (hbbr) modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_server.Rs, src/relay_server.Rs and program routines handle_punch_hole_request(), RegisterPeer handler, relay forwarding. This issue affects RustDesk Server: through 1.7.5, through 1.1.15.
| CWE | CWE-862 CWE-306 |
| Vendor | rustdesk-server |
| Product | rustdesk server |
| Published | Mar 5, 2026 |
| Last Updated | Mar 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for rustdesk-server rustdesk server
Be the first to know when new unknown vulnerabilities affecting rustdesk-server rustdesk server are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
rustdesk-server / RustDesk Server
0 โค 1.7.5 0 โค 1.1.15
References
Credits
Erez Kalman ๐ Erez Kalman