CPE
A pre-authentication remote code execution vulnerability exists in xrdp versions prior to 0.10.5, triggered by a buffer overflow in the xrdp_wm_parse_domain_information function when parsing a specially crafted domain name, allowing attackers to overwrite the return address and execute arbitrary code.