CVE-2026-30796
HIGH 7.5Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks. This vulnerability is associated with program files Closed source — API endpoint handling heartbeat sync and program routines Heartbeat API handler (accepts preset-address-book-password in plaintext).
This issue affects RustDesk Server Pro: through 1.7.5.
Affected Applications in Environment
24
Rustdesk
v1.2.3+39
1 device
Rustdesk
v1.4.5
6 devices
Rustdesk
v1.4.6+64
7 devices
Rustdesk
v1.4.6.29544831
1 device
Rustdesk
v1.4.0+58
2 devices
Rustdesk
v1.3.9 (57)
1 device
Rustdesk
v1.4.4 (62)
1 device
Rustdesk
v1.4.2+60
1 device
Rustdesk
v1.4.3
1 device
Rustdesk
v1.4.5+63
11 devices
Rustdesk
v1.4.1
7 devices
Rustdesk
v1.2.3
1 device
Rustdesk
v1.4.1+59
7 devices
Rustdesk
v1.4.6
6 devices
Rustdesk
v1.4.4+62
1 device
Rustdesk
v1.4.2 (60)
1 device
Rustdesk
v1.4.0.29119187
2 devices
Rustdesk
v1.3.1.28780709
1 device
Rustdesk
v1.3.1+47
1 device
Rustdesk
v1.4.2
1 device
Rustdesk
v1.4.5.29466336
1 device
Rustdesk
v1.4.4.29392109
1 device
Rustdesk
v1.4.3+60
1 device
server
v1.0.0.0
1 device
Affected Devices
28
DESKTOP-5KVOR71
Windows
DESKTOP-AASJHC2
Windows
DESKTOP-EILTT2N
Windows
DESKTOP-UUT4C45
Windows
DPCPD-BK7WZF2
Windows
DPCPD-PF4HJNK0
Windows
DPEMAE-7242KKC
Windows
DPENGR-L1283ZDM
Windows
DPHSNG-449500CE
Windows
DPHSNG-LEDBYOEM
Windows
DPHSNG-LTSTRING
Windows
DPINFT-02609239
Windows
DPINFT-6P663188
Windows
DPINFT-810B00F
Windows
DPINFT-PF1TA1PH
Windows
EBB107-01
Windows
HDTS171858
Windows
HTTS171501
Windows
LGN-HH-220
Windows
LGN-LIB-302
Windows
LGN-LIB-411
Windows
LOGAN-VSB-219
Windows
NCH-194817
Windows
SETHVM
Windows
SILK
Windows
a00014956-R7HQ9T146L
Mac
a00344774-D64VY7FMP7
Mac
a00523751-JYGQVF06HR
Mac