Vulnerability Description
Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send malformed packets with unsanitized command data that the service forwards directly to OS execution functions, enabling remote code execution under the service account.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://packetstorm.news/files/id/215835/
- https://www.saturnremote.com/
- https://www.vulncheck.com/advisories/saturn-remote-mouse-server-udp-command-inje
FAQ
What is CVE-2026-27182?
CVE-2026-27182 is a vulnerability with a CVSS score of 8.4 (HIGH). Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. At...
How severe is CVE-2026-27182?
CVE-2026-27182 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-27182?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.