CVE-2024-52940

AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes a public IP address within network traffic. The attacker must know the victim's AnyDesk ID.
Configurations

No configuration.

History

18 Nov 2024, 16:35

Type Values Removed Values Added
Summary
  • (es) AnyDesk hasta la versión 8.1.0 en Windows, cuando está habilitada la opción Permitir conexiones directas, expone inadvertidamente una dirección IP pública dentro del tráfico de la red. El atacante debe conocer el ID de AnyDesk de la víctima.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-532

18 Nov 2024, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-18 05:15

Updated : 2024-11-18 17:11


NVD link : CVE-2024-52940

Mitre link : CVE-2024-52940

CVE.ORG link : CVE-2024-52940


JSON object : View

Products Affected

No product.

CWE
CWE-532

Insertion of Sensitive Information into Log File