#VU80417 Use of hard-coded credentials in Netmaker - CVE-2023-32077

Cybersecurity Help s.r.o.

Published: 2023-09-05

Vulnerability identifier: #VU80417

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-32077

CWE-ID: CWE-798

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Netmaker
Web applications / Other software

Vendor: GRAVITL

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to presence of hard-coded credentials in application code. A remote unauthenticated attacker can interact with DNS API endpoints.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Netmaker: 0.1 - 0.18.5

External links
https://github.com/gravitl/netmaker/pull/2170
https://github.com/gravitl/netmaker/commit/1621c27c1d176b639e9768b2acad7693e387fd51
https://github.com/gravitl/netmaker/commit/9362c39a9a822f0e07361aa7c77af2610597e657
https://github.com/gravitl/netmaker/security/advisories/GHSA-8x8h-hcq8-jwwx

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Netmaker