cve/2024/CVE-2024-7421.md

### [CVE-2024-7421](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7421)
![](https://img.shields.io/static/v1?label=Product&message=Remote%20Desktop%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%202024.2.20%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-532%3A%20Information%20Exposure%20Through%20Log%20Files&color=brighgreen)

### Description

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions

### POC

#### Reference
- https://devolutions.net/security/advisories/DEVO-2024-0014

#### Github
No PoCs found on GitHub currently.