New Vulnerability found in Dameware Mini Remote Control Server

(Alleen beschikbaar in het Engels)

We are proud to share the news: our security specialist Adriaan Schuitmaker has recently discovered an important CVE (CVE-2021-31217)! It's always so inspiring to see how our experts are dedicated to make the world a safer place.

Adobe Stock 301954255

During a security assessment, Adriaan found a vulnerability in the Dameware Mini Remote Control Server installation version (CVE-2021-31217). The installation contained insecure folder permission which allowed privileged system-level file deletion when a repair was initiated by the Windows installer.

The vulnerability was caused due to insecure configuration of the folder permission which are set during the installation of the DameWare product. Upon discovery the vulnerability was reported to the vendor, SolarWinds, which subsequently rated the issue as high and patched it in version 12.2.

For more information regarding this vulnerability, please read the full report here.

Interested in more stories about interesting vulnerabilities found by our dedicated security experts? Read more about the latest vulnerabilities discovered by our other experts here :