Wgcloud
CVE-2026-30402
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function
AnalysisAI
Remote code execution in wgcloud version 2.3.7 and earlier allows unauthenticated attackers to execute arbitrary code through the test connection function. The vulnerability carries a critical CVSS score of 9.8 with network-based exploitation requiring no privileges or user interaction. No public exploit has been identified at time of analysis, though the EPSS score of 0.29% (52nd percentile) indicates low predicted exploitation probability despite the critical severity rating.
Technical ContextAI
This vulnerability is classified under CWE-94 (Improper Control of Generation of Code / Code Injection), indicating that the wgcloud application improperly handles user-supplied input in the test connection function, allowing attackers to inject and execute arbitrary code. Wgcloud is an open-source server monitoring system. The code injection occurs within a network-accessible test connection feature, suggesting insufficient input validation or sanitization of connection parameters that are subsequently processed or evaluated by the application. The affected component is identified as cpe:2.3:a:wgcloud_project:wgcloud:*:*:*:*:*:*:*:* for versions through 2.3.7.
RemediationAI
Upgrade wgcloud to a version later than 2.3.7 when available. Review the vendor advisory at https://github.com/tianshiyeben/wgcloud/issues/96 for the latest patching guidance and release information. No vendor-released patch with specific version number has been independently confirmed from available data sources at time of analysis. As an interim mitigation, restrict network access to the wgcloud management interface to trusted IP ranges only, implement network segmentation to isolate monitoring infrastructure, and disable or restrict access to the test connection function if not operationally required. Monitor the official GitHub repository for security updates and consider implementing input validation controls at the network perimeter level.
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today