Home

Description

Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send malformed packets with unsanitized command data that the service forwards directly to OS execution functions, enabling remote code execution under the service account.

PUBLISHED Reserved 2026-02-18 | Published 2026-02-18 | Updated 2026-02-19 | Assigner VulnCheck




HIGH: 8.6CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

HIGH: 8.4CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Missing Authentication for Critical Function

Product status

Default status
unaffected

*
affected

Credits

indoushka finder

References

packetstorm.news/files/id/215835/ (PacketStorm-215835) exploit

www.saturnremote.com/ (Official Product Homepage) product

www.vulncheck.com/...-mouse-server-udp-command-injection-rce (VulnCheck Advisory: Saturn Remote Mouse Server UDP Command Injection RCE) third-party-advisory

cve.org (CVE-2026-27182)

nvd.nist.gov (CVE-2026-27182)

Download JSON