Apache Guacamole RDP Audio Input Buffer Freed Reference Vulnerability

Apache Guacamole RDP Audio Input Buffer Freed Reference Vulnerability

CVE-2023-30576 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process.

Learn more about our Web Application Penetration Testing UK.