Dameware: Security Vulnerabilities
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which could crash the application or leak sensitive information.
CVSS Score
7.4
EPSS Score
0.012
Published
2019-06-07
Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap overflow due to the server not properly validating RsaPubKeyLen during key negotiation. An unauthenticated remote attacker can cause a heap buffer overflow by specifying a large RsaPubKeyLen, which could cause a denial of service.
CVSS Score
7.5
EPSS Score
0.133
Published
2019-06-07
Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string.
CVSS Score
9.8
EPSS Score
0.649
Published
2016-03-17