Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gravitl netmaker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36110
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admi...
Gravitl Netmaker
9
CVSSv2
CVE-2022-23650
Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the...
Gravitl Netmaker
10
CVSSv2
CVE-2022-0664
Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker before 0.8.5,0.9.4,0.10.0,0.10.1.
Gravitl Netmaker
NA
CVE-2023-32077
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run...
Gravitl Netmaker
NA
CVE-2023-32078
Netmaker makes networks with WireGuard. An Insecure Direct Object Reference (IDOR) vulnerability was found in versions before 0.17.1 and 0.18.6 in the user update function. By specifying another user's username, it was possible to update the other user's password. The i...
Gravitl Netmaker
NA
CVE-2023-32079
Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions before 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, the...
Gravitl Netmaker
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started