Vulnerability Description
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Remotemouse | Emote Interactive Studio | 3.008 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://deathflash.ml/blog/remote-mouse-lpeExploitThird Party Advisory
- https://leobreaker1411.github.io/blog/cve-2021-35448ExploitThird Party Advisory
- https://www.exploit-db.com/exploits/50047ExploitThird Party AdvisoryVDB Entry
- https://deathflash.ml/blog/remote-mouse-lpeExploitThird Party Advisory
- https://leobreaker1411.github.io/blog/cve-2021-35448ExploitThird Party Advisory
- https://www.exploit-db.com/exploits/50047ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2021-35448?
CVE-2021-35448 is a vulnerability with a CVSS score of 7.8 (HIGH). Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local por...
How severe is CVE-2021-35448?
CVE-2021-35448 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-35448?
Check the references section above for vendor advisories and patch information. Affected products include: Remotemouse Emote Interactive Studio, Microsoft Windows.