Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking

mikhomikho Hosting ProviderOG

A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely.

The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected sessions.

According to a report published by Check Point Research and shared with The Hacker News, the flaws grant "an attacker, who has already successfully compromised a computer inside the organization, to launch an attack on the Guacamole gateway when an unsuspecting worker tries to connect to an infected machine."

After the cybersecurity firm responsibly disclosed its findings to Apache, the maintainers of Guacamole, on March 31, the company released a patched version in June 2020.

Get 4 or more NAT servers (mix/match between packages) and get a 20 % recurring discount. https://clients.mrvm.net

Thanked by (1)Mason

Comments

  • pinging @Mason

    Thanked by (1)Mason
  • MasonMason OGContent Writer

    @beagle said:
    pinging @Mason

    Thanks for the ping, I'm surprised you remembered that I use this!

    My couple RDP boxes are on my local net, so I suppose I have other things to worry about if any of those systems become compromised :P. Time to patch!

    What in tarnation? A little yabs'll do ya!

  • mikhomikho Hosting ProviderOG

    I remember that someone here or on LET used it, couldn’t remember who.

    Thought if I posted it, the person(s) would eventually find it. :)

    Thanked by (2)Mason vimalware

    Get 4 or more NAT servers (mix/match between packages) and get a 20 % recurring discount. https://clients.mrvm.net

  • MasonMason OGContent Writer

    @mikho said:
    Thought if I posted it, the person(s) would eventually find it. :)

    Cheers!

    I still think about this damn song every time I see "Guacamole" lol...

    Have a splendid day!

    Thanked by (2)mikho bdl

    What in tarnation? A little yabs'll do ya!

  • @Mason said: Thanks for the ping, I'm surprised you remembered that I use this!

    My pleasure. ;-)

    I remembered you mentioned again recently when someone asked about virtual desktop or remote coding.

Sign In or Register to comment.