PT-2026-35745 · Netmaker · Netmaker
Ravindu Wickramasinghe +1 · Published 2026-04-28 · Updated 2026-04-29
CVE-2026-38651 · CVSS v3.1 8.2 High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Netmaker versions prior to 1.5.0
Description
An authentication bypass exists because the VerifyHostToken() function in logic/jwts.go does not validate the JWT (JSON Web Token) signature when verifying host tokens. This allows an attacker to forge a JWT signed with an arbitrary key to impersonate any host in the network and access sensitive information.
Recommendations
Update to version 1.5.0 or later.
As a temporary workaround, restrict access to the VerifyHostToken() function until the update is applied.
Related Identifiers
Exploit
Fix
Weakness Enumeration
Improper Verification of Cryptographic Signature
Affected Products
Netmaker
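The check the description above says VerifyHostToken() skipped, shown as an added Go example that is not Netmaker's code: a minimal HS256 verifier beside the signature-less claim decode that the weakness amounts to. The keys, the host_id claim and the pinned-header approach are assumptions made for this demo; Netmaker's own token format and library calls are not reproduced.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// header is the only JOSE header this verifier accepts, so "alg" cannot be swapped.
var header = base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))
// decodeClaims decodes a JWT payload into a claim map; alone, it is the unverified parse.
func decodeClaims(seg string) (c map[string]interface{}, err error) {
	b, err := base64.RawURLEncoding.DecodeString(seg)
	if err == nil {
		err = json.Unmarshal(b, &c)
	}
	return c, err
}
// signHS256 mints a compact HS256 token; used here only to build sample inputs.
func signHS256(claims map[string]interface{}, key []byte) string {
	body, _ := json.Marshal(claims)
	signing := header + "." + base64.RawURLEncoding.EncodeToString(body)
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(signing))
	return signing + "." + base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
}
// verifyHS256 pins the header and checks the HMAC over header.payload in constant
// time with the server key before any claim is trusted.
func verifyHS256(token string, key []byte) (map[string]interface{}, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 || parts[0] != header {
		return nil, fmt.Errorf("malformed token or unexpected header")
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if err != nil || !hmac.Equal(sig, mac.Sum(nil)) {
		return nil, fmt.Errorf("invalid signature")
	}
	return decodeClaims(parts[1])
}
func main() {
	// Constructed input: a token minted with a key the server never issued.
	forged := signHS256(map[string]interface{}{"host_id": "host-1"}, []byte("not-the-server-key"))
	unchecked, _ := decodeClaims(strings.Split(forged, ".")[1])
	_, err := verifyHS256(forged, []byte("constructed-server-key"))
	fmt.Println(unchecked["host_id"], err) // host-1 invalid signature
}
```

The forged token decodes cleanly, which is all a signature-less parse ever checks, but fails verifyHS256; a detection for this class of bug is a test like the one below that feeds a token signed under the wrong key to the verifier and expects rejection.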