Gravitl netmaker is a network management tool that leverages WireGuard for creating secure networks. Prior to version 1.5.0, netmaker contained an authorization vulnerability identified as CVE-2026-29195 (CWE-863: Incorrect Authorization). The vulnerability exists in the user update handler endpoint (PUT /api/users/{username}), which allows users with admin privileges to update other users' roles. While the code prevents an admin from assigning the admin role to others, it lacks equivalent validation for the super-admin role. Consequently, an admin user can escalate privileges by assigning the super-admin role to any user account, effectively granting full control over the netmaker environment. This privilege escalation does not require additional authentication or user interaction, making it a direct and straightforward attack vector for insiders or compromised admin accounts. The vulnerability affects all netmaker versions prior to 1.5.0 and was patched in that release. The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges required beyond admin, no user interaction, and high impact on integrity. No known exploits are reported in the wild as of now. The root cause is insufficient role validation logic in the API endpoint responsible for user updates, highlighting the importance of strict authorization checks in role management features.

The primary impact of CVE-2026-29195 is unauthorized privilege escalation within netmaker deployments. An attacker with admin-level access can promote themselves or others to super-admin, gaining unrestricted control over network configurations, user management, and potentially sensitive network traffic routed via WireGuard. This could lead to full compromise of the network infrastructure managed by netmaker, including interception or manipulation of network traffic, disruption of network services, and unauthorized access to connected systems. Organizations relying on netmaker for secure network management face risks of insider threats or compromised admin accounts being leveraged to gain super-admin privileges. The vulnerability undermines the principle of least privilege and could facilitate lateral movement or persistent access within an organization's network. Although exploitation requires existing admin privileges, the ease of privilege escalation and lack of user interaction make this a significant risk. The medium CVSS score reflects the balance between required privileges and the high impact of the escalation. If exploited in critical environments, the consequences could be severe, including data breaches, service outages, and loss of network integrity.

To mitigate this vulnerability, organizations should immediately upgrade netmaker to version 1.5.0 or later, where the authorization checks have been corrected. Until upgrading is possible, restrict admin user privileges to only trusted personnel and monitor admin activities closely for suspicious role assignment attempts. Implement strict access controls and audit logging on the user update API endpoint to detect unauthorized privilege escalations. Employ network segmentation and multi-factor authentication (MFA) for admin accounts to reduce the risk of credential compromise. Additionally, conduct regular reviews of user roles and permissions within netmaker to ensure no unauthorized super-admin assignments exist. Consider deploying runtime application self-protection (RASP) or web application firewalls (WAF) with custom rules to detect and block anomalous API requests attempting to assign super-admin roles. Finally, educate administrators on the risks of privilege escalation and enforce the principle of least privilege in all network management operations.