CVE-2021-27572
Severity Score
8.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set.
Se detectó un problema en Emote Remote Mouse versiones hasta.0.0.0. Una Omisión de Autenticación puede ocurrir por medio de la Reproducción de Paquetes. Los usuarios remotos no autenticados pueden ejecutar código arbitrario por medio de paquetes UDP diseñados incluso cuando contraseñas son establecidas
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-02-23 CVE Reserved
- 2021-05-07 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-01-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-294: Authentication Bypass by Capture-replay
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://remotemouse.net/blog | Product |
| URL | Date | SRC |
|---|---|---|
| https://axelp.io/MouseTrap | 2024-08-03 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Remotemouse Search vendor "Remotemouse" | Emote Remote Mouse Search vendor "Remotemouse" for product "Emote Remote Mouse" | <= 4.0.0.0 Search vendor "Remotemouse" for product "Emote Remote Mouse" and version " <= 4.0.0.0" | - |
Affected
| ||||||