Executive Risk Summary
"A vulnerability in RustDesk Server Pro and RustDesk Server allows password brute forcing due to improper restriction of excessive authentication attempts and use of password hash with insufficient computational effort. This vulnerability affects versions through 1.7.5 of RustDesk Server Pro and through 1.1.15 of RustDesk Server."
Anticipated Attack Path
1. An attacker identifies a vulnerable RustDesk server version.
2. The attacker initiates a brute-force attack on the server's authentication mechanism.
3. The attacker gains unauthorized access to the server due to the vulnerability.
Am I Vulnerable?
- Is your RustDesk Server Pro version 1.7.5 or earlier?
- Is your RustDesk Server version 1.1.15 or earlier?
- Are peer authentication and API login modules enabled on your RustDesk server?
Operational Audit Arsenal
- Target Type: Server
- Target Asset: rustdesk-server-pro
- Standard Path: Management Plane / API Login Modules
Manual Verification Required
This is a non-Windows asset (RustDesk). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required: Likely
Moderate
Internal Work Notes
CVE-2026-30790: Vulnerability in RustDesk Server Pro and RustDesk Server allowing password brute forcing. Upgrade to a patched version to mitigate the risk.
Intelligence Sources
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.