cvedb.io
CVE-2023-30575
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2023-06-07T09:15:09.993 · Last modified 2026-06-17T05:55:03.440

Summary

Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through specially-crafted data.

Affected products

apache — guacamole

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.