CVEFinder.io

CVE-2023-32077

⚠️ high
🔍 Scan for this CVE
Summary

Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone who is

Description

Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone who is using version 0.17.1 can pull the latest docker image of the backend and restart the server.

CVSS Score
7.5
High
EPSS Score
86.6
Exploit Probability
Published Date
2023-08-24
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 69.0% of all 326,604 vulnerabilities in our database.

#101,315
Above average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: Oct 2, 2024
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
YES
Can be exploited automatically
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2026-05-18
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE IDs (Weakness Types)
CWE-321 CWE-798

📦 Affected Products 4

Vendor Product Status Affected Versions
gravitl netmaker Affected
< 0.17.1
gravitl netmaker Affected
≥ 0.18.0 ≤ 0.18.5
netmaker netmaker Affected
< 0.17.1
netmaker netmaker Affected
> 0.18.0 < 0.18.5

💣 Public Exploits 1 PRO

Loading exploit information...

🔗 References 4

https://github.com/gravitl/netmaker/commit/1621c27c1...
Patch
https://github.com/gravitl/netmaker/commit/9362c39a9...
Patch
https://github.com/gravitl/netmaker/pull/2170
Patch
https://github.com/gravitl/netmaker/security/advisor...
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-38651 ⚠️ high 8.2 0.1 Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jw... 2026-04-28
CVE-2026-29194 ⚠️ high 8.1 0.1 Netmaker makes networks with WireGuard. Prior to version 1.5.0, the Authorize middleware in Netmaker incorrectly validat... 2026-03-07
CVE-2026-29771 🔶 medium 6.5 0.0 Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of ... 2026-03-07
CVE-2026-29195 🔶 medium 6.5 0.0 Netmaker makes networks with WireGuard. Prior to version 1.5.0, the user update handler (PUT /api/users/{username}) lack... 2026-03-07
CVE-2026-29196 🔶 medium 4.3 0.0 Netmaker makes networks with WireGuard. Prior to version 1.5.0, a user assigned the platform-user role can retrieve Wire... 2026-03-07
CVE-2023-32078 ⚠️ high 7.5 0.2 Netmaker makes networks with WireGuard. An Insecure Direct Object Reference (IDOR) vulnerability was found in versions p... 2023-08-24
These CVEs affect the same products