{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-30796", "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "state": "PUBLISHED", "assignerShortName": "VULSec", "dateReserved": "2026-03-05T14:13:37.203Z", "datePublished": "2026-03-05T15:30:39.605Z", "dateUpdated": "2026-03-17T14:31:39.098Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/rustdesk/rustdesk-server-pro/releases", "defaultStatus": "affected", "modules": ["Address book sync API"], "packageName": "rustdesk-server-pro", "platforms": ["Windows", "MacOS", "Linux"], "product": "RustDesk Server Pro", "programFiles": ["Closed source \u2014 API endpoint handling heartbeat sync"], "programRoutines": [{"name": "Heartbeat API handler (accepts preset-address-book-password in plaintext)"}], "vendor": "rustdesk-server-pro", "versions": [{"changes": [{"at": "Server Pro", "status": "affected"}], "lessThanOrEqual": "1.7.5", "status": "affected", "version": "0", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Pro server with address book feature in use"}], "value": "Pro server with address book feature in use"}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rustdesk-server-pro:rustdesk_server_pro:*:*:windows:*:*:*:*:*", "versionEndIncluding": "1.7.5", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rustdesk-server-pro:rustdesk_server_pro:*:*:macos:*:*:*:*:*", "versionEndIncluding": "1.7.5", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rustdesk-server-pro:rustdesk_server_pro:*:*:linux:*:*:*:*:*", "versionEndIncluding": "1.7.5", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Erez Kalman"}, {"lang": "en", "type": "reporter", "value": "Erez Kalman"}], "datePublic": "2026-03-05T13:45:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks.<p> This vulnerability is associated with program files <tt>Closed source \u2014 API endpoint handling heartbeat sync</tt> and program routines <tt>Heartbeat API handler (accepts preset-address-book-password in plaintext)</tt>.</p><p>This issue affects RustDesk Server Pro: through 1.7.5.</p>"}], "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks. This vulnerability is associated with program files Closed source \u2014 API endpoint handling heartbeat sync and program routines Heartbeat API handler (accepts preset-address-book-password in plaintext).\n\nThis issue affects RustDesk Server Pro: through 1.7.5."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "PoC available. Trivially exploitable.<br>"}], "value": "PoC available. Trivially exploitable."}], "impacts": [{"capecId": "CAPEC-157", "descriptions": [{"lang": "en", "value": "CAPEC-157 Sniffing Attacks"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "shortName": "VULSec", "dateUpdated": "2026-03-05T16:51:07.744Z"}, "references": [{"tags": ["technical-description", "x_--config documentation"], "url": "https://rustdesk.com/docs/en/"}, {"tags": ["third-party-advisory", "exploit"], "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"}, {"tags": ["vdb-entry", "third-party-advisory"], "url": "https://www.vulsec.org/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Transition Address Book API to SRP (Secure Remote Password)"}], "value": "Transition Address Book API to SRP (Secure Remote Password)"}], "source": {"discovery": "UNKNOWN"}, "title": "RustDesk Server Pro API Requires Address Book Password in Plaintext for Sync Protocol", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Avoid setting address book passwords; use account-based access only"}], "value": "Avoid setting address book passwords; use account-based access only"}], "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-17T14:31:35.721954Z", "id": "CVE-2026-30796", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-17T14:31:39.098Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-30796", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-17T14:31:35.721954Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T16:34:58.670Z"}}], "cna": {"title": "RustDesk Server Pro API Requires Address Book Password in Plaintext for Sync Protocol", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Erez Kalman"}, {"lang": "en", "type": "reporter", "value": "Erez Kalman"}], "impacts": [{"capecId": "CAPEC-157", "descriptions": [{"lang": "en", "value": "CAPEC-157 Sniffing Attacks"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "rustdesk-server-pro", "modules": ["Address book sync API"], "product": "RustDesk Server Pro", "versions": [{"status": "affected", "changes": [{"at": "Server Pro", "status": "affected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "1.7.5"}], "platforms": ["Windows", "MacOS", "Linux"], "packageName": "rustdesk-server-pro", "programFiles": ["Closed source \u2014 API endpoint handling heartbeat sync"], "collectionURL": "https://github.com/rustdesk/rustdesk-server-pro/releases", "defaultStatus": "affected", "programRoutines": [{"name": "Heartbeat API handler (accepts preset-address-book-password in plaintext)"}]}], "exploits": [{"lang": "en", "value": "PoC available. Trivially exploitable.", "supportingMedia": [{"type": "text/html", "value": "PoC available. Trivially exploitable.<br>", "base64": false}]}], "solutions": [{"lang": "en", "value": "Transition Address Book API to SRP (Secure Remote Password)", "supportingMedia": [{"type": "text/html", "value": "Transition Address Book API to SRP (Secure Remote Password)", "base64": false}]}], "datePublic": "2026-03-05T13:45:00.000Z", "references": [{"url": "https://rustdesk.com/docs/en/", "tags": ["technical-description", "x_--config documentation"]}, {"url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub", "tags": ["third-party-advisory", "exploit"]}, {"url": "https://www.vulsec.org/", "tags": ["vdb-entry", "third-party-advisory"]}], "workarounds": [{"lang": "en", "value": "Avoid setting address book passwords; use account-based access only", "supportingMedia": [{"type": "text/html", "value": "Avoid setting address book passwords; use account-based access only", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks. This vulnerability is associated with program files Closed source \u2014 API endpoint handling heartbeat sync and program routines Heartbeat API handler (accepts preset-address-book-password in plaintext).\n\nThis issue affects RustDesk Server Pro: through 1.7.5.", "supportingMedia": [{"type": "text/html", "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks.<p> This vulnerability is associated with program files <tt>Closed source \u2014 API endpoint handling heartbeat sync</tt> and program routines <tt>Heartbeat API handler (accepts preset-address-book-password in plaintext)</tt>.</p><p>This issue affects RustDesk Server Pro: through 1.7.5.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information"}]}], "configurations": [{"lang": "en", "value": "Pro server with address book feature in use", "supportingMedia": [{"type": "text/html", "value": "Pro server with address book feature in use", "base64": false}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rustdesk-server-pro:rustdesk_server_pro:*:*:windows:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "1.7.5", "versionStartIncluding": "0"}, {"criteria": "cpe:2.3:a:rustdesk-server-pro:rustdesk_server_pro:*:*:macos:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "1.7.5", "versionStartIncluding": "0"}, {"criteria": "cpe:2.3:a:rustdesk-server-pro:rustdesk_server_pro:*:*:linux:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "1.7.5", "versionStartIncluding": "0"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "shortName": "VULSec", "dateUpdated": "2026-03-05T16:51:07.744Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30796", "state": "PUBLISHED", "dateUpdated": "2026-03-17T14:31:39.098Z", "dateReserved": "2026-03-05T14:13:37.203Z", "assignerOrgId": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "datePublished": "2026-03-05T15:30:39.605Z", "assignerShortName": "VULSec"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rustdesk:rustdesk_server:*:*:*:*:pro:*:*:*", "matchCriteriaId": "4F6E21F9-385D-4DB4-9CD4-EDB43561D9E5", "versionEndIncluding": "1.7.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks. This vulnerability is associated with program files Closed source \u2014 API endpoint handling heartbeat sync and program routines Heartbeat API handler (accepts preset-address-book-password in plaintext).\n\nThis issue affects RustDesk Server Pro: through 1.7.5."}, {"lang": "es", "value": "Vulnerabilidad de transmisi\u00f3n en texto claro de informaci\u00f3n sensible en rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro en Windows, MacOS, Linux (M\u00f3dulos de API de sincronizaci\u00f3n de libreta de direcciones) permite ataques de sniffing. Esta vulnerabilidad est\u00e1 asociada con archivos de programa de c\u00f3digo cerrado \u2014 punto final de API que gestiona la sincronizaci\u00f3n de latidos y rutinas de programa gestor de API de latidos (acepta preset-address-book-password en texto claro).\n\nEste problema afecta a RustDesk Server Pro: hasta la 1.7.5."}], "id": "CVE-2026-30796", "lastModified": "2026-03-25T17:50:45.090", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "type": "Secondary"}]}, "published": "2026-03-05T16:16:21.007", "references": [{"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "tags": ["Exploit", "Third Party Advisory"], "url": "https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"}, {"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "tags": ["Product", "Vendor Advisory"], "url": "https://rustdesk.com/docs/en/"}, {"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "tags": ["Not Applicable"], "url": "https://www.vulsec.org/"}], "sourceIdentifier": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-319"}], "source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["windows", "macos", "linux"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.7.5]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "RustDesk Server Pro", "source": "cna", "vendor": "rustdesk-server-pro"}, "product": "rustdesk_server_pro", "vendor": "rustdesk-server-pro"}], "analysis": {"en": {"generated_at": "2026-04-16T12:21:49.649168+00:00", "value": {"mitigation_remediation": ["Upgrade to a RustDesk Server Pro release that implements SRP for the address book API, per the vendor\u2019s official recommendation.", "If an upgrade cannot be performed immediately, avoid configuring address book passwords and use account\u2011based authentication only, following the provided workaround.", "Ensure that all traffic to and from the RustDesk Server Pro instance is protected by TLS or transmitted over a secure VPN tunnel to mitigate the risk of network sniffing."], "summary": {"action": "Apply Fix", "impact": "Plaintext Credential Exposure"}, "threat_synthesis": {"affected_systems": "The flaw is present in RustDesk Server Pro on Windows, macOS, and Linux platforms and applies to all releases through version\u202f1.7.5. The API endpoint involved is part of the server's heartbeat and synchronization modules. Any deployment of RustDesk Server Pro older than or equal to 1.7.5 is susceptible.", "description_and_impact": "The vulnerable RustDesk Server Pro exposes the preset address book password in plaintext when synchronizing over the heartbeat API. This cleartext transmission allows an attacker who can sniff network traffic to capture the password and potentially access the user's address book. Based on the description, it is inferred that this credential exposure could compromise the confidentiality of stored address book entries.", "risk_and_exploitability": "The likely attack vector is passive sniffing of traffic between the client and the server. Based on the description, it is inferred that an attacker might also tamper with packets to send a plaintext password, though this is not explicitly stated. The vulnerability carries a CVSS score of 8.7, indicating high severity, but its EPSS score is below 1\u202f%, suggesting a very low probability that exploitation will occur in the wild. The flaw is not listed in CISA's KEV catalog at this time."}}}}, "created": "2026-03-06T15:01:48.992667+00:00", "updated": "2026-04-16T12:30:06.113671+00:00", "vendors": ["rustdesk-server-pro", "rustdesk-server-pro$PRODUCT$rustdesk_server_pro"]}