CVE-2025-68670 — Stack-based Buffer Overflow in Xrdp
Severity
NVD: 9.8 CRITICAL
CNA: 9.1
EPSS
0.1%
top 68.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jan 27
Description
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote attackers to execute arbitrary code on the target system. The vulnerability allows an attacker to overwrite the stack buffer and the return address, which could theoretically be used to redirect the execut…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9
Affected Packages (3 packages)
Also affects: Debian Linux 11.0
Patches
Vulnerability Details
Vendor Advisories (2)
Debian (1)
CVE-2025-68670: xrdp - xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticat... (2025)