CVEFinder.io

CVE-2023-32079

⚠️ high
🔍 Scan for this CVE
Summary

Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, so

Description

Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone using version 0.17.1 can pull the latest docker image of the backend and restart the server.

CVSS Score
8.8
High
EPSS Score
1.0
Exploit Probability
Published Date
2023-08-24
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is High Risk - more severe than 81.1% of all 326,604 vulnerabilities in our database.

#61,754
Top 25% most severe
Severity Percentile
🎯 CISA SSVC Assessment Updated: Oct 2, 2024
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2026-05-18
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-915

📦 Affected Products 4

Vendor Product Status Affected Versions
gravitl netmaker Affected
< 0.17.1
gravitl netmaker Affected
≥ 0.18.0 ≤ 0.18.5
netmaker netmaker Affected
< 0.17.1
netmaker netmaker Affected
> 0.18.0 < 0.18.5

🔗 References 1

https://github.com/gravitl/netmaker/security/advisor...
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-38651 ⚠️ high 8.2 0.1 Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jw... 2026-04-28
CVE-2026-29194 ⚠️ high 8.1 0.1 Netmaker makes networks with WireGuard. Prior to version 1.5.0, the Authorize middleware in Netmaker incorrectly validat... 2026-03-07
CVE-2026-29771 🔶 medium 6.5 0.0 Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of ... 2026-03-07
CVE-2026-29195 🔶 medium 6.5 0.0 Netmaker makes networks with WireGuard. Prior to version 1.5.0, the user update handler (PUT /api/users/{username}) lack... 2026-03-07
CVE-2026-29196 🔶 medium 4.3 0.0 Netmaker makes networks with WireGuard. Prior to version 1.5.0, a user assigned the platform-user role can retrieve Wire... 2026-03-07
CVE-2023-32077 ⚠️ high 7.5 86.6 Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in N... 2023-08-24
These CVEs affect the same products