CVE-2022-41925

Name of the Vulnerable Software and Affected Versions Tailscale client versions prior to v1.32.3

Description A vulnerability in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. The peer API was vulnerable to DNS rebinding, allowing an attacker-controlled website to rebind DNS for the peer API to an attacker-controlled DNS server and make peer API requests in the client. This access can be used to read the node’s environment variables, including any credentials or secrets stored in environment variables, such as Tailscale authentication keys. The peer API access could also be used to learn of other nodes in the tailnet or send files via Taildrop. There is no evidence of this vulnerability being purposefully triggered or exploited.

Recommendations Upgrade to v1.32.3 or later to remediate the issue. As a temporary workaround, consider restricting access to the peer API until a patch is available. Avoid using the Tailscale client until the issue is resolved. If you have any questions or comments about this advisory, contact Tailscale support.