CVE-2026-29194 is an authorization bypass vulnerability identified in gravitl netmaker, a network management tool that leverages WireGuard for secure networking. The vulnerability stems from improper validation logic in the Authorize middleware prior to version 1.5.0. Specifically, when a route is configured to allow host authentication (hostAllowed=true), the middleware accepts any valid host JWT token and bypasses further authorization checks that would normally verify whether the host is permitted to access the requested resource. This means that an attacker who possesses a valid host token and knows object identifiers such as node IDs or host IDs can craft malicious requests to access, modify, or delete resources belonging to other hosts. Affected endpoints include critical functions such as node information retrieval, host deletion, MQTT signal transmission, fallback host updates, and failover operations. The vulnerability allows unauthorized access and manipulation of network resources, potentially leading to disruption or data compromise. The flaw does not require user interaction and can be exploited remotely over the network with low complexity, given possession of a valid host token. The vulnerability has been assigned a CVSS 4.0 score of 8.6 (high severity) reflecting its significant impact on confidentiality and integrity. The issue was publicly disclosed and patched in netmaker version 1.5.0, which corrects the authorization logic to properly verify host permissions on a per-resource basis.

This vulnerability poses a serious risk to organizations using gravitl netmaker versions prior to 1.5.0. Exploitation can lead to unauthorized access to sensitive network configuration data, unauthorized deletion or modification of hosts and nodes, and manipulation of network signaling and failover mechanisms. Such unauthorized actions can disrupt network operations, degrade service availability, and compromise the confidentiality and integrity of network infrastructure. Attackers could potentially pivot within the network or cause denial of service by deleting critical hosts or nodes. The breach of trust in host authorization undermines the security model of the network management system, increasing the risk of lateral movement and persistent compromise. Given netmaker’s role in managing WireGuard-based networks, organizations relying on it for secure connectivity may face elevated risks of network outages and data exposure. The lack of known exploits in the wild currently limits immediate widespread impact, but the vulnerability’s high severity and ease of exploitation make timely remediation critical.

Organizations should immediately upgrade gravitl netmaker to version 1.5.0 or later, where the authorization bypass has been fixed. In addition to patching, administrators should audit existing host tokens and revoke any that may have been compromised or issued without strict controls. Implement strict monitoring and logging of API requests related to host and node management to detect anomalous access patterns. Network segmentation and limiting the exposure of netmaker management interfaces to trusted networks can reduce the attack surface. Employ strong token issuance policies ensuring tokens are scoped with minimal privileges and short lifetimes. Conduct regular security reviews of access control configurations and verify that authorization checks are enforced on all sensitive endpoints. Where possible, implement multi-factor authentication for administrative access and consider additional application-layer protections such as Web Application Firewalls (WAFs) to detect and block suspicious requests targeting netmaker APIs.