CVE-2021-27571

Published: May 7, 2021Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic.

Affected (1)

Products: Remotemouse: Emote Remote Mouse

Remotemouse

1 product

Emote Remote Mouse

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Remotemouse Emote Remote Mouse	Up to 4.0.0.0

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (4)

https://axelp.io/MouseTrap

Source: cve@mitre.org

ExploitThird Party Advisory

https://remotemouse.net/blog/

Source: cve@mitre.org

Product

https://axelp.io/MouseTrap

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://remotemouse.net/blog/

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.