Main Vulnerability Database Exploits ID:3067 - Exploit for Format string error in AnyDesk for Linux and AnyDesk for BSD - CVE-2020-13160

ID:3067 - Exploit for Format string error in AnyDesk for Linux and AnyDesk for BSD - CVE-2020-13160

Published: July 12, 2020

Vulnerability identifier: #VU29530

Vulnerability risk: High

CVE-ID: CVE-2020-13160

CWE-ID: CWE-134

Exploitation vector: Remote access

Vulnerable software:
AnyDesk for Linux
AnyDesk for BSD

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/linux/misc/cve_2020_13160_anydesk

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a format string error when processing hostames. A remote attacker can supply a specially crafted input that contains format string specifiers and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

ID:3067 - Exploit for Format string error in AnyDesk for Linux and AnyDesk for BSD - CVE-2020-13160

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human