CVE Alert: CVE-2024-35164

July 3, 2025
image 1

Vulnerability Summary: CVE-2024-35164

The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.6.0, which fixes this issue.

Affected Endpoints:

No affected endpoints listed.

Published Date:

7/2/2025, 12:15:27 PM

⚠️ CVSS Score:

CVSS v3 Score: 6.8 (Medium)

Exploit Status:

Not Exploited

EPS Score: 0.00031 | Ranking EPS: 0.07004

References:

Recommended Action:

No proposed action available. Please refer to vendor documentation for updates.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

HIBP-Banner-1

Catwatchful – 61,641 breached accounts

July 4, 2025
image

CVE Alert: CVE-2025-6437

July 4, 2025
image

CVE Alert: CVE-2025-6459

July 4, 2025
image

CVE Alert: CVE-2025-6686

July 4, 2025
image

CVE Alert: CVE-2025-5817

July 4, 2025