CVE-2020-9497 – Apache / Guacamole – Information disclosure

Click the icon to Follow me:- twitterTelegramRedditDiscord


CVE-2020-9497 is an information disclosure vulnerability impacting Apache Guacamole versions 1.1.0 and earlier. A proof of concept (PoC) was not observed publicly or in the underground. However, a walk-through demo of an exploit was shared via YouTube. This vulnerability can be exploited in conjunction with CVE-2020-9498 to execute arbitrary code on the vulnerable system.

PoC Links(if available):

Apache Guacamole RCE –

Known Counter Measures:

The vendor addressed the vulnerability in a security update with updated version.

Links to patches(if available)

Available for Amazon Prime