CVE-2022-3365
published 2025-01-28CVE-2022-3365: Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote…
PriorityP269critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
2.04%
78.8th percentile
Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS commands over theproduct's custom control protocol. A Metasploit module was written and tested against version 4.110, the current version when this CVE was reserved.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| emote_interactive | remote_mouse_server | <= 4.110 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The exploit only succeeds when the Remote Mouse Server is configured with no password (default state). Alert on Remote Mouse Server instances reachable without authentication. ↗
- →A '500' server response code in the Remote Mouse Server protocol indicates a version >= 4.200 (patched). Absence of this response on exploit attempts indicates a vulnerable, unpatched host. ↗
- →The protocol uses a trivial substitution cipher. Hunt for network traffic characteristic of this weak obfuscation scheme on Remote Mouse Server listening ports as an indicator of exploitation attempts. ↗
- ·Exploitation is only possible when the Remote Mouse Server is running with no user-configured password (the default). Instances with a non-default password set are not exploitable via this module. ↗
- ·The vulnerability affects Remote Mouse Server versions prior to 4.200. Version 4.110 was confirmed vulnerable and was the current release at time of CVE reservation. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2025-01-28
Published