Authentication Bypass by Capture-replay, Use of Password...
Critical severity
Unreviewed
Published
Mar 5, 2026
to the GitHub Advisory Database
•
Updated Jun 22, 2026
Description
Published by the National Vulnerability Database
Mar 5, 2026
Published to the GitHub Advisory Database
Mar 5, 2026
Last updated
Jun 22, 2026
Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction.
This issue affects RustDesk Client: through 1.4.5.
References