What is CVE-2022-3365?

CVE-2022-3365 is a vulnerability in Emote Interactive Remote Mouse Server, classified under Use of a Broken or Risky Cryptographic Algorithm. Published 2025-01-28.

Is CVE-2022-3365 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Emote Interactive Remote Mouse Server

CVE-2022-3365

Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS command…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.526 (98.0th percentile) — read the EPSS interpretation.

Affected products

Emote Interactive Remote Mouse Server — versions 0

Weakness classification (CWE)

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm

Public proof-of-concept exploits

References

github.com/rapid7/metasploit-framework/pull/17067 (exploit)

Frequently asked questions

What is CVE-2022-3365?: CVE-2022-3365 is a vulnerability in Emote Interactive Remote Mouse Server, classified under Use of a Broken or Risky Cryptographic Algorithm. Published 2025-01-28.
Is CVE-2022-3365 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.