CVSS: 9.8EPSS: 87%CPEs: 3EXPL: 4CVE-2020-13160 – AnyDesk 5.5.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-13160
AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. AnyDesk versiones anteriores a 5.5.3 en Linux y FreeBSD presenta una vulnerabilidad de cadena de formato que puede ser explotada para una ejecución de código remota AnyDesk version 5.5.2 suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/49613 http://packetstormsecurity.com/files/158291/AnyDesk-GUI-Format-String-Write.html http://packetstormsecurity.com/files/161628/AnyDesk-5.5.2-Remote-Code-Execution.html https://devel0pment.de/?p=1881 https://download.anydesk.com/changelog.txt - • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-13102
https://notcve.org/view.php?id=CVE-2018-13102
AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preloading vulnerability. AnyDesk en versiones anteriores a la 12.06.2018 - 4.1.3 en Windows 7 SP1 tiene una vulnerabilidad de precarga de DLL. • https://download.anydesk.com/changelog.txt • CWE-426: Untrusted Search Path •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-14397
https://notcve.org/view.php?id=CVE-2017-14397
AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability. AnyDesk en versiones anteriores a la 3.6.1 en Windows tiene una vulnerabilidad de inyección DLL. • https://download.anydesk.com/changelog.txt • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •