Description
An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function
Published: 2026-03-19
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A code injection flaw exists in the test connection function of wgcloud version 2.3.7 and earlier. The vulnerability, classified as CWE‑94, allows a remote attacker to supply malicious payloads that are executed by the server, leading to full remote code execution. This can compromise the confidentiality, integrity, and availability of the host system, potentially granting an attacker unrestricted control.

Affected Systems

All installations of wgcloud 2.3.7 or earlier, regardless of operating system, are vulnerable. The product is referenced by the CPE entry cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:* and is commonly used in environments that rely on WG Cloud for VPN configuration and management.

Risk and Exploitability

The vulnerability carries a CVSS score of 9.8, indicating critical severity. EPSS reports a probability of less than 1 %, suggesting that while exploitation is unlikely, the impact if it occurs would be catastrophic. The issue is not yet part of the CISA KEV catalog. Exploitation requires network access to the test connection endpoint, and the attack vector is remote. No defensive conditions beyond patching are specified in the advisories.

Generated by OpenCVE AI on April 2, 2026 at 13:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade wgcloud to the latest available version that resolves the test connection code injection flaw.
  • If an immediate upgrade is not feasible, block external access to the test connection API endpoint and limit traffic to trusted internal networks.
  • Disable or remove the test connection feature if it is not required for operational purposes.
  • Regularly review logs for unexpected use of the test connection functionality.
  • Keep the underlying operating system and any third‑party components up‑to‑date to reduce the risk of related vulnerabilities.

Generated by OpenCVE AI on April 2, 2026 at 13:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Title wgcloud v2.3.7 and Earlier Remote Code Execution via Test Connection

Thu, 02 Apr 2026 12:30:00 +0000

Type Values Removed Values Added
First Time appeared Wgstart
Wgstart wgcloud
CPEs cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:*:*
Vendors & Products Wgstart
Wgstart wgcloud

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
Title wgcloud v2.3.7 and Earlier Remote Code Execution via Test Connection

Fri, 20 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Tianshiyeben
Tianshiyeben wgcloud
Vendors & Products Tianshiyeben
Tianshiyeben wgcloud

Thu, 19 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-94
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 19 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Description An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function
References

Subscriptions

Tianshiyeben Wgcloud
Wgstart Wgcloud
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-19T15:57:39.690Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30402

cve-icon Vulnrichment

Updated: 2026-03-19T15:55:52.135Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-19T15:16:26.190

Modified: 2026-04-02T12:20:47.040

Link: CVE-2026-30402

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T20:23:25Z

Weaknesses