Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.7
Netmaker Server Can Be Shut Down Repeatedly by Any User
GHSA-rhr9-hgcm-x289
CVE-2026-29771
GHSA-rhr9-hgcm-x289
Summary
Prior to version 1.2.0, Netmaker's API allowed any user to shut down the server, then quickly restart it, causing the server to repeatedly stop and start. This could lead to a denial of service. Update to version 1.2.0 or later to fix this issue.
What to do
- Update github.com gravitl to version 1.2.0.
- Update gravitl github.com/gravitl/netmaker to version 1.2.0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| github.com | gravitl | <= 1.2.0 | 1.2.0 |
| gravitl | github.com/gravitl/netmaker | <= 1.2.0 | 1.2.0 |
| gravitl | netmaker | <= 1.2.0 | – |
Original title
Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repea...
Original description
Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart intervals. This issue has been patched in version 1.2.0.
ghsa CVSS4.0
8.7
Vulnerability type
CWE-404
Published: 7 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026