Apache guacamole security Jul 2, 2020 · In our research, we discovered that Apache Guacamole is vulnerable to several critical Reverse RDP Vulnerabilities, and is also impacted by a few new vulnerabilities found in FreeRDP. If you connect Guacamole to a WAN address without credential access or something equally silly, you're almost certain to get got. . Nov 3, 2020 · In June of 2020, security researchers at Check Point Research discovered multiple critical RDP (Remote Desktop Protocol) flaws in Apache Guacamole. Each vulnerability is listed with a description of the problem, its associated CVE number , and the Guacamole release in which the vulnerability was fixed. A good vulnerability management software can result in a secure environment for remote access. Jul 3, 2020 · Apache Guacamole permits users within an organization to remotely access their desktops using a web browser post an authentication process. The nature of these vulnerabilities could enable hackers to exploit the gateway and disclose sensitive information remotely. Jul 3, 2020 · Remote code execution and information disclosure vulnerabilities addressed in Apache Guacamole can be highly useful to threat actors targeting enterprises, Check Point security researchers warn. So, then the mission became how do I make this accessible off-prem, securely? The rest of this article will describe what Guacamole is and how to set it up for remote access in a way that is secure and stable. It's as secure as you engineer your network to be. Dec 15, 2023 · As a solution for remote access while on-prem, I’ve been using an RDP gateway called Apache Guacamole for about two years and I love it. This page lists all security vulnerabilities fixed in released versions of Apache Guacamole.