CVE-2023-32077

Name of the Vulnerable Software and Affected Versions Netmaker versions prior to 0.17.1 Netmaker versions 0.18.0 through 0.18.5

Description Hardcoded DNS key usage has been found in Netmaker, allowing unauthorized users to interact with DNS API endpoints. The issue is patched in version 0.17.1 and fixed in version 0.18.6.

Recommendations For versions prior to 0.17.1, upgrade to version 0.17.1 or later. For versions 0.18.0 through 0.18.5, upgrade to version 0.18.6 or later. If using version 0.17.1, run docker pull gravitl/netmaker:v0.17.1 and docker-compose up -d to switch to the patched version. As a temporary workaround for version 0.17.1, pull the latest docker image of the backend and restart the server.