Description
AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Send Support Information feature. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-26645.
The specific flaw exists within the Send Support Information feature. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-26645.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-26-401/ |
|
History
Mon, 13 Jul 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Anydesk
Anydesk anydesk |
|
| Vendors & Products |
Anydesk
Anydesk anydesk |
Mon, 13 Jul 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Send Support Information feature. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-26645. | |
| Title | AnyDesk Support Information Link Following Denial-of-Service Vulnerability | |
| Weaknesses | CWE-59 | |
| References |
| |
| Metrics |
cvssV3_0
|
Status: PUBLISHED
Assigner: zdi
Published:
Updated: 2026-07-13T21:31:11.029Z
Reserved: 2026-07-13T21:29:24.642Z
Link: CVE-2026-15682
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-13T22:30:04Z
Weaknesses