CVE-2026-57850
HIGHRustDesk before 1.4.9 Missing Session Scope Enforcement Allows Out-of-Scope Control Message Injection
Title source: cnaExploitation Summary
EIP tracks 1 public exploit for CVE-2026-57850. PoCs published by sn0x-sharma.
AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2026-57850, a relay handshake downgrade vulnerability in RustDesk. The vulnerability allows a relay-position attacker to strip or invalidate signed peer key material, forcing a session into plaintext and enabling observation of authentication traffic and injection of control messages post-authentication.
Description
RustDesk before 1.4.9 does not enforce a session's authorized connection scope on the server side, so a peer granted a limited session type (FileTransfer, PortForward, ViewCamera, or Terminal) can send control messages and login options reserved for a full Remote session. An authenticated remote peer can exploit this missing scope check to act outside its granted scope, injecting out-of-scope control messages to observe and control the host beyond the permissions it was given.
Exploits (1)
This repository provides a detailed technical analysis of CVE-2026-57850, a relay handshake downgrade vulnerability in RustDesk. The vulnerability allows a relay-position attacker to strip or invalidate signed peer key material, forcing a session into plaintext and enabling observation of authentication traffic and injection of control messages post-authentication.
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L