Description
WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2.
Published: 2026-05-12
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

WGDashboard contains a flaw that allows an attacker to read arbitrary files on the host’s file system without any authentication. The vulnerability stems from missing input validation and authentication checks, resulting in a confidentiality breach. An attacker who can reach the dashboard’s web interface can trigger the flaw and obtain sensitive configuration or credential files, enabling further attacks or lateral movement.

Affected Systems

All installations of WGDashboard earlier than version 4.3.2 are affected. Any instance that has not applied the latest release carries this risk.

Risk and Exploitability

The CVSS score of 9.3 indicates a very high impact and potential for exploitation. The EPSS score is not available; however, the lack of a KEV listing suggests that no mass exploitation has yet been reported. Based on the description, it is inferred that an attacker who can reach the dashboard’s web interface can trigger the flaw, potentially without needing elevated privileges. Once exploited, arbitrary file reading is possible, providing a pathway for privilege escalation or data exfiltration. The vulnerability remains high risk until patched.

Generated by OpenCVE AI on May 12, 2026 at 20:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade WGDashboard to version 4.3.2 or newer.
  • If an immediate upgrade is not possible, enforce strict input validation for any file‑path parameters: use a whitelist of allowed directories and canonicalize paths before accessing the file system to prevent arbitrary file reads.
  • Limit dashboard exposure by placing it behind a VPN or firewall so only trusted administrators can reach it, and enforce strong authentication.

Generated by OpenCVE AI on May 12, 2026 at 20:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2.
Title WGDashboard: Critical Vulnerability in 4.3.2
Weaknesses CWE-20
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-12T19:02:27.170Z

Reserved: 2026-05-05T19:52:59.148Z

Link: CVE-2026-44343

cve-icon Vulnrichment

Updated: 2026-05-12T19:02:21.825Z

cve-icon NVD

Status : Received

Published: 2026-05-12T18:17:30.483

Modified: 2026-05-12T18:17:30.483

Link: CVE-2026-44343

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T21:00:13Z

Weaknesses