Critical severity9.8NVD Advisory· Published Jan 28, 2025· Updated Apr 15, 2026

CVE-2022-3365

Description

Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS commands over theproduct's custom control protocol. A Metasploit module was written and tested against version 4.110, the current version when this CVE was reserved.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/rapid7/metasploit-framework/pull/17067nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.042
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000