Description
Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing.

The authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery.

This vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction).

This issue affects RustDesk Client: through 1.4.8.
Published: 2026-03-05
Score: 5.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw resides in the RustDesk client’s login proof construction. The client sends a secret proof calculated as SHA‑256(SHA‑256(password + salt) + challenge) where both the salt and the challenge are generated by the server and no client‑side nonce is involved. Because this computation uses a fast double SHA‑256 instead of a slow key‑derivation function, an attacker who captures a proof can perform an offline password‑brute‑force attack to recover the password. The vulnerability involves weaknesses identified by CWE‑294 and CWE‑916, as the client’s login limiter and the existing LOGIN_FAILURES counter only constrain online attempts and do not mitigate the offline attack. Even though the challenge is regenerated for each connection, which removes replayability, the lack of a client‑side nonce allows reuse of the captured proof for offline attacks.

Affected Systems

RustDesk Client versions through 1.4.8 on all supported platforms—Windows, macOS, Linux, iOS, Android, and the web client—are affected. The vulnerability impacts the client login and peer authentication modules, allowing anyone who can observe or capture an authentication proof to attempt offline cracking of the password.

Risk and Exploitability

The CVSS score of 5.7 indicates a moderate‑severity flaw. The EPSS score of < 1% suggests low expected exploitation frequency, yet the potential impact remains significant because the attacker can peacefully recover credentials offline once they obtain a single proof. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires the attacker to position a rogue or on‑path API/relay server that can supply chosen salts and challenges and capture the resulting proof; an offline brute‑force attack then can be executed against the recovered proof. The existing online login failure counter and OTP brute‑force limiter do not deter this offline scenario. The recommended vendor fix—adding a client‑side nonce and adopting SRP—directly addresses the root cause, while the workaround of enforcing 16‑character‑or‑longer passwords and enabling two‑factor authentication raises the effort required for a successful brute‑force attempt until a patch is deployed.

Generated by OpenCVE AI on June 22, 2026 at 14:43 UTC.

Remediation

Vendor Solution

Add a client-side nonce to the auth proof and use a slow KDF (e.g., Argon2id). Transition to SRP.


Vendor Workaround

Use long (16+ char) random passwords. Enable 2FA where available.


OpenCVE Recommended Actions

  • Apply the vendor patch that adds a client‑side nonce and implements a slow KDF such as Argon2id, or transitions to SRP.
  • Use passwords that are at least 16 characters long and randomly generated.
  • Enable two‑factor authentication wherever available.

Generated by OpenCVE AI on June 22, 2026 at 14:43 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 22 Jun 2026 13:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-307
Metrics cvssV4_0

{'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

cvssV4_0

{'score': 5.7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


Mon, 22 Jun 2026 10:00:00 +0000

Type Values Removed Values Added
Description Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction. This issue affects RustDesk Client: through 1.4.5. Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Password Brute Forcing. The authentication proof is SHA256(SHA256(password + salt) + challenge), where both the salt and the challenge are generated entirely by the server with no client-side nonce, and the hash uses no slow key-derivation function. A rogue or on-path API/relay server (see CVE-2026-30794 / CVE-2026-30797) can issue a chosen salt and challenge, capture the resulting proof, and recover the password offline. The capture-replay claim (CWE-294) is withdrawn: the challenge is regenerated per connection (challenge = Config::get_auto_password(6)), so a captured proof is not replayable against the legitimate server. The 1.4.7 OTP brute-force limiter and the existing LOGIN_FAILURES counter constrain only ONLINE attempts and do not address offline recovery. This vulnerability is associated with program files src/client.rs and program routines handle_hash(), handle_login_from_ui() (login proof construction). This issue affects RustDesk Client: through 1.4.8.
Title RustDesk Client Generates Auth Proof Without Client-Side Nonce, Enabling Replay Attacks RustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-Force
Weaknesses CWE-307
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}

cvssV4_0

{'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


Mon, 22 Jun 2026 08:00:00 +0000

Type Values Removed Values Added
Description Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction. This issue affects RustDesk Client: through 1.4.5. Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction. This issue affects RustDesk Client: through 1.4.5.

Wed, 25 Mar 2026 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple iphone Os
Apple macos
Google
Google android
Linux
Linux linux Kernel
Microsoft
Microsoft windows
Rustdesk
Rustdesk rustdesk
CPEs cpe:2.3:a:rustdesk:rustdesk:*:*:*:*:webclient:*:*:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple iphone Os
Apple macos
Google
Google android
Linux
Linux linux Kernel
Microsoft
Microsoft windows
Rustdesk
Rustdesk rustdesk
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Tue, 17 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 05 Mar 2026 18:15:00 +0000


Thu, 05 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 05 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
Description Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction. This issue affects RustDesk Client: through 1.4.5.
Title RustDesk Client Generates Auth Proof Without Client-Side Nonce, Enabling Replay Attacks
First Time appeared Rustdesk-client
Rustdesk-client rustdesk Client
Weaknesses CWE-294
CWE-916
CPEs cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:android:*:*:*:*:*
cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:ios:*:*:*:*:*
cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:linux:*:*:*:*:*
cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:macos:*:*:*:*:*
cpe:2.3:a:rustdesk-client:rustdesk_client:*:*:windows:*:*:*:*:*
Vendors & Products Rustdesk-client
Rustdesk-client rustdesk Client
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Apple Iphone Os Macos
Google Android
Linux Linux Kernel
Microsoft Windows
Rustdesk Rustdesk
Rustdesk-client Rustdesk Client
cve-icon MITRE

Status: PUBLISHED

Assigner: VULSec

Published:

Updated: 2026-06-22T13:16:30.794Z

Reserved: 2026-03-05T14:13:37.202Z

Link: CVE-2026-30789

cve-icon Vulnrichment

Updated: 2026-03-05T16:31:23.729Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T16:16:19.560

Modified: 2026-06-17T10:32:55.153

Link: CVE-2026-30789

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-22T14:45:05Z

Weaknesses
  • CWE-294

    Authentication Bypass by Capture-replay

  • CWE-916

    Use of Password Hash With Insufficient Computational Effort