CVE-2026-29771 Wireguard — Exploit & Vulnerability Details HIGH

CVE-2026-29771

HIGH CVSS 4.0: 8.7 EPSS 0.02%

Parameter	Value
CVSS	8.7 (HIGH)
Fixed In	1.2.0
Type	CWE-404 (Improper Resource Shutdown or Release)
Vendor	Wireguard
Public PoC	No

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart intervals.

This issue has been patched in version 1.2.0.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Attack Requirements

None

No additional conditions

Privileges Required

None

No privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

None

No data leak

Integrity

None

No data modification

Availability

High

Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-404 Improper Resource Shutdown or Release

References 1

https://github.com/gravitl/netmaker/security/advisories/GHSA-rhr9-hgcm-x289

security-advisories@github.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-34227

Bishopfox

5.9

CVE-2026-32941

Bishopfox

7.1

CVE-2026-29196

Wireguard

8.7

CVE-2026-29195

Wireguard

6.9

CVE-2026-29781

Wireguard

5.3

Menu

CVE-2026-29771

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-34227

CVE-2026-32941

CVE-2026-29196

CVE-2026-29195

CVE-2026-29781

CVE Details

Editor's Choice

Menu

CVE-2026-29771

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-34227

CVE-2026-32941

CVE-2026-29196

CVE-2026-29195

CVE-2026-29781

CVE Details

Editor's Choice

Stay informed on cybersecurity