CVE-2026-29771 Wireguard — Exploit & Vulnerability Details HIGH

Parameter	Value
CVSS	8.7 (HIGH)
Fixed In	1.2.0
Type	CWE-404 (Improper Resource Shutdown or Release (Некорректное освобождение ресурсов))
Vendor	Wireguard
Public PoC	No

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart intervals.

This issue has been patched in version 1.2.0.

Attack Parameters

Attack Vector

Network

Атака возможна удалённо

Attack Complexity

Low

Легко эксплуатировать

Attack Requirements

None

Нет дополнительных условий

Privileges Required

None

Права не нужны

User Interaction

None

Не нужно действие пользователя

Impact Assessment

Confidentiality

None

Нет утечки данных

Integrity

None

Нет модификации данных

Availability

High

Полный отказ в обслуживании

CVSS Vector v4.0

Weakness Type (CWE)

CWE-404 Improper Resource Shutdown or Release (Некорректное освобождение ресурсов)

References 1

https://github.com/gravitl/netmaker/security/advisories/GHSA-rhr9-hgcm-x289

security-advisories@github.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-29196

Wireguard

8.7

CVE-2026-29195

Wireguard

6.9

CVE-2026-29781

Wireguard

5.3

CVE-2026-29194

Wireguard

8.6

Menu

CVE-2026-29771

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-29196

CVE-2026-29195

CVE-2026-29781

CVE-2026-29194

CVE Details

Editor's Choice

Menu

CVE-2026-29771

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-29196

CVE-2026-29195

CVE-2026-29781

CVE-2026-29194

CVE Details

Editor's Choice

Stay informed on cybersecurity