Dameware Mini Remote Control
by SolarWinds
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-2345 | Cri | 0.71 | 9.8 | 0.51 | Mar 17, 2016 | Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string. | ||
| CVE-2018-12897 | Hig | 0.54 | 7.8 | 0.02 | Sep 7, 2018 | SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow. | ||
| CVE-2025-26396 | Hig | 0.51 | 7.8 | 0.00 | Jun 2, 2025 | The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability. | ||
| CVE-2019-9017 | 0.05 | — | 0.21 | May 2, 2019 | DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. | |||
| CVE-2019-3980 | 0.03 | — | 0.05 | Oct 8, 2019 | The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an… | |||
| CVE-2021-31217 | 0.00 | — | 0.04 | Jul 13, 2021 | In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM. | |||
| CVE-2015-8220 | 0.00 | — | 0.05 | Nov 17, 2015 | Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link. | |||
| CVE-2004-1852 | 0.00 | — | 0.01 | Mar 23, 2004 | DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information. |
- risk 0.71cvss 9.8epss 0.51
Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string.
- risk 0.54cvss 7.8epss 0.02
SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.
- risk 0.51cvss 7.8epss 0.00
The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability.
- CVE-2019-9017May 2, 2019risk 0.05cvss —epss 0.21
DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name.
- CVE-2019-3980Oct 8, 2019risk 0.03cvss —epss 0.05
The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an…
- CVE-2021-31217Jul 13, 2021risk 0.00cvss —epss 0.04
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
- CVE-2015-8220Nov 17, 2015risk 0.00cvss —epss 0.05
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link.
- CVE-2004-1852Mar 23, 2004risk 0.00cvss —epss 0.01
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.