CVE-2023-32077

HIGH NUCLEI

Netmaker <0.17.1 and 0.18.6 - Info Disclosure

Title source: llm

Exploitation Summary

CVE-2023-32077 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone who is using version 0.17.1 can pull the latest docker image of the backend and restart the server.

Nuclei Templates (1)

Netmaker - Hardcoded DNS Secret Key

HIGHVERIFIEDby iamnoooob,rootxharsh,pdresearch

Shodan: html:"netmaker" || http.html:"netmaker"

FOFA: body="netmaker"

References (4)

Core 4

Core References

Patch x_refsource_misc

https://github.com/gravitl/netmaker/pull/2170

Vendor Advisory x_refsource_confirm

https://github.com/gravitl/netmaker/security/advisories/GHSA-8x8h-hcq8-jwwx

Patch x_refsource_misc

https://github.com/gravitl/netmaker/commit/1621c27c1d176b639e9768b2acad7693e387fd51

View Patch ZIP pw:eip

Patch x_refsource_misc

https://github.com/gravitl/netmaker/commit/9362c39a9a822f0e07361aa7c77af2610597e657

View Patch ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0315

EPSS Percentile 86.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-321 CWE-798

Status published

Products (4)

gravitl/netmaker < 0.17.1

gravitl/netmaker 0 - 0.17.1Go

gravitl/netmaker 0.18.0 - 0.18.6Go

netmaker/netmaker < 0.17.1

Published Aug 24, 2023

Tracked Since Feb 18, 2026