Improper Certificate Validation in FreeRDP - #VU137822
Published: July 16, 2026
FreeRDP
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass TLS server identity validation.
The vulnerability exists due to improper certificate validation in tls_verify_certificate() and tls_match_hostname() when verifying IP-literal connection targets against DNS subject alternative name or Common Name values instead of iPAddress subject alternative name entries. A remote attacker can present a specially crafted certificate to bypass TLS server identity validation.
Exploitation requires a certificate chain trusted by the FreeRDP client.