VYPR

Lazy Mouse

by Lazy Mouse

CVEs (2)

  • CVE-2022-45481CriDec 5, 2022
    risk 0.64cvss 9.8epss 0.02

    The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  • CVE-2022-45482CriDec 2, 2022
    risk 0.64cvss 9.8epss 0.01

    Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H