Ebrahim Shafiei

**Name of the Vulnerable Software and Affected Versions** AnyDesk versions 8.1.0 and lower **Description** The issue is related to the "Allow Direct Connections" feature of the AnyDesk remote desktop software, which inadvertently exposes a public IP address within network traffic when enabled. An attacker must know the victim's AnyDesk ID to exploit this issue. This may allow a remote attacker to disclose protected information about the IP address of the target system. **Recommendations** For AnyDesk versions 8.1.0 and lower, consider disabling the "Allow Direct Connections" feature until a patch is available. Restrict access to the affected feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.