Solarwinds Dameware Mini Remote Control — known CVE vulnerabilities
Every CVE whose affected-product data names Solarwinds Dameware Mini Remote Control, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2019-3980 — CVSS 9.8 (critical): The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an…
CVE-2021-31217 — CVSS 9.1 (critical): In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
CVE-2019-9017 — CVSS 7.5 (high): DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name.
CVE-2015-8220 — CVSS 7.5 (high): Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote…
CVE-2019-3957 — CVSS 7.4 (high): Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly…
CVE-2004-1852 — CVSS 5.0 (medium): DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote…