This page aggregates publicly disclosed CVE and security risk information related to remotemouse, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-47792 | Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access. | [email protected] | 8.5 | 0.21% | 2026-01-16 | 2026-01-30 |
| CVE-2021-35448 | Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections. | [email protected] | 7.8 | 1.04% | 2021-06-24 | 2024-11-21 |
| CVE-2021-27574 | An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings. | [email protected] | 8.1 | 1.08% | 2021-05-07 | 2024-11-21 |
| CVE-2021-27573 | An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can execute arbitrary code via crafted UDP packets with no prior authorization or authentication. | [email protected] | 9.8 | 14.19% | 2021-05-07 | 2024-11-21 |
| CVE-2021-27572 | An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set. | [email protected] | 8.1 | 3.25% | 2021-05-07 | 2024-11-21 |
| CVE-2021-27571 | An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic. | [email protected] | 5.3 | 1.15% | 2021-05-07 | 2024-11-21 |
| CVE-2021-27570 | An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic. | [email protected] | 5.3 | 1.39% | 2021-05-07 | 2024-11-21 |
| CVE-2021-27569 | An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic. | [email protected] | 5.3 | 0.64% | 2021-05-07 | 2024-11-21 |