CVE-2026-29196
MEDIUM
GHSA-4hgg-c4rr-6h7f
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
3Description
Netmaker makes networks with WireGuard. Prior to version 1.5.0, a user assigned the platform-user role can retrieve WireGuard private keys of all wireguard configs in a network by calling GET /api/extclients/{network} or GET /api/nodes/{network}. While the Netmaker UI restricts visibility, the API endpoints return full records, including private keys, without filtering based on the requesting user's ownership. This issue has been patched in version 1.5.0.
Analysis
Netmaker versions prior to 1.5.0 expose WireGuard private keys through unauthenticated API endpoints when accessed by users with the platform-user role, allowing credential theft across all network configurations despite UI-level access restrictions. An authenticated attacker can retrieve sensitive cryptographic material by directly calling GET /api/extclients/{network} or GET /api/nodes/{network} endpoints that lack proper output filtering. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today