Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Solarwinds Subscribe
Filtered by product Dameware Mini Remote Control
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3957 1 Solarwinds 1 Dameware Mini Remote Control 2021-07-21 5.8 MEDIUM 7.4 HIGH
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which could crash the application or leak sensitive information.
CVE-2019-3980 1 Solarwinds 1 Dameware Mini Remote Control 2021-07-21 10.0 HIGH 9.8 CRITICAL
The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account.
CVE-2021-31217 1 Solarwinds 1 Dameware Mini Remote Control 2021-07-15 9.4 HIGH 9.1 CRITICAL
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
CVE-2015-8220 1 Solarwinds 1 Dameware Mini Remote Control 2019-10-22 7.5 HIGH N/A
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link.
CVE-2018-12897 1 Solarwinds 1 Dameware Mini Remote Control 2019-07-16 4.6 MEDIUM 7.8 HIGH
SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.