CVE-2026-30402

CRITICAL
2026-03-19 [email protected]
9.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 20, 2026 - 13:52 vuln.today
CVE Published
Mar 19, 2026 - 15:16 nvd
CRITICAL 9.8

Tags

RCE Code Injection

Description

An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function

Analysis

Remote code execution in wgcloud version 2.3.7 and earlier allows unauthenticated attackers to execute arbitrary code through the test connection function. The vulnerability carries a critical CVSS score of 9.8 with network-based exploitation requiring no privileges or user interaction. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all wgcloud deployments and identify instances running version 2.3.7 or earlier; immediately disable or restrict network access to the test connection function. Within 7 days: Implement network segmentation to limit wgcloud exposure, apply WAF rules to block suspicious test connection requests, and contact wgcloud vendor for patch timeline and interim guidance. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

49
Low Medium High Critical
KEV: 0
EPSS: +0.3
CVSS: +49
POC: 0

Share

CVE-2026-30402 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy