PT-2022-26154 · Tailscale · Tailscale

Author: Emily Trau
Published: 2022-11-21
Updated: 2025-08-07
CVE: CVE-2022-41924
CVSS v3.1: 9.6 (Critical)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:H
Name of the Vulnerable Software and Affected Versions: Tailscale Windows client versions prior to v1.32.3

Description: A vulnerability in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon, tailscaled, enabling remote code execution. The local API was bound to a local TCP socket and communicated with the Windows client GUI in cleartext with no Host header verification. An attacker-controlled website could therefore rebind DNS to an attacker-controlled DNS server and issue requests to the local API from the victim's browser. This can lead to an attacker-controlled coordination server sending malicious URL responses, including pushing executables or installing an SMB share, which allows remote code execution on the node.

Recommendations: If you are running Tailscale on Windows, upgrade to v1.32.3 or later to remediate the issue.
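As an added defender's example (not the Tailscale project's own fix code), the following Go middleware performs the Host header verification the description says was missing on the loopback-bound local API: a request that reaches the local socket through a rebound DNS name carries the attacker's hostname in Host and is refused. The port 41112, the request path and the hostnames are constructed sample values.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"strconv"
)

// hostAllowed reports whether the Host header names the loopback listener on
// the given port. A DNS-rebinding request reaches the loopback socket but
// carries the attacker's hostname in Host, so it fails this check.
func hostAllowed(hostHeader string, port int) bool {
	host, p, err := net.SplitHostPort(hostHeader)
	if err != nil || p != strconv.Itoa(port) {
		return false
	}
	switch host {
	case "localhost", "127.0.0.1", "::1":
		return true
	}
	return false
}

// requireLoopbackHost rejects requests with a foreign Host header before
// they reach the API handler.
func requireLoopbackHost(port int, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !hostAllowed(r.Host, port) {
			http.Error(w, "invalid Host header", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// probe sends one in-memory request with the given Host header through the
// wrapped handler and returns the status code (port and path are sample values).
func probe(hostHeader string) int {
	api := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.Write([]byte("ok"))
	})
	rec := httptest.NewRecorder()
	req := httptest.NewRequest("GET", "/localapi/v0/example", nil)
	req.Host = hostHeader
	requireLoopbackHost(41112, api).ServeHTTP(rec, req)
	return rec.Code
}
func main() { fmt.Println(probe("127.0.0.1:41112"), probe("evil.example:41112")) }
```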


Weakness Enumeration

Origin Validation Error
CSRF

Related Identifiers

CVE-2022-41924
GHSA-VQP6-RC3H-83CP
GO-2022-1120

Affected Products

Tailscale