Neutrinolabs: >> Xrdp >> 0.9.25 Security Vulnerabilities
xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter `MaxLoginRetry` in `/etc/xrdp/sesman.ini`. However, this mechanism was not effectively working. As a result, xrdp allows an infinite number of login attempts.
CVSS Score
7.2
EPSS Score
0.004
Published
2024-07-12