CVE-2026-30789

Name of the Vulnerable Software and Affected Versions RustDesk Client versions through 1.4.5

Description A flaw exists in RustDesk Client that allows for authentication bypass through capture-replay attacks and the use of a password hash with insufficient computational effort. This impacts the client login and peer authentication modules. The issue stems from the reuse of session IDs, also known as session replay. The vulnerability is related to files within the src/client.Rs directory and routines such as hash password() and login proof construction.

Recommendations Update RustDesk Client to a version later than 1.4.5.