Platform
go
Component
github.com/h44z/wg-portal
Fixed in
2.1.4
2.1.4
2.1.3
CVE-2026-27899 describes a Privilege Escalation vulnerability affecting the wg-portal project (github.com/h44z/wg-portal). This flaw allows an authenticated user to self-update to an administrator level, granting them unauthorized access and control. The vulnerability impacts versions prior to 2.1.3, and a patch is available in version 2.1.3.
Successful exploitation of CVE-2026-27899 allows an attacker to elevate their privileges within the wg-portal system. This means a standard user could gain administrative access, potentially leading to complete control over the WireGuard portal configuration, user management, and network settings. An attacker could modify network rules, expose sensitive data, or even compromise the underlying infrastructure. The blast radius extends to any systems accessible through the compromised portal, making it a critical security concern.
This vulnerability was publicly disclosed on 2026-03-10. There are currently no known public exploits or active campaigns targeting this vulnerability. It is not listed on the CISA KEV catalog. The vulnerability's impact is significant due to the potential for complete administrative control, but the lack of public exploits suggests a lower immediate risk.
Exploit Status
EPSS
0.06% (18% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-27899 is to immediately upgrade wg-portal to version 2.1.3 or later. If an upgrade is not immediately feasible, consider restricting user self-update capabilities within the portal's configuration. Review user access controls and audit logs for any suspicious activity. While a direct detection signature is challenging, monitor user activity for unexpected privilege escalations or administrative actions performed by users who should not have those permissions.
Update WireGuard Portal to version 2.1.3 or later. This version fixes the vulnerability that allows non-administrator users to escalate privileges to administrator. The update can be performed by downloading the new version from the official repository or using the 'latest' Docker image which includes the fix.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-27899 is a HIGH severity vulnerability in wg-portal (github.com/h44z/wg-portal) allowing users to escalate privileges to admin level via self-update before version 2.1.3.
You are affected if you are using wg-portal versions prior to 2.1.3. Immediately upgrade to the latest version to mitigate this risk.
Upgrade wg-portal to version 2.1.3 or later. If immediate upgrade is not possible, restrict user self-update capabilities.
Currently, there are no known public exploits or active campaigns targeting CVE-2026-27899, but the potential impact warrants immediate attention.
Refer to the wg-portal project's repository (github.com/h44z/wg-portal) for updates and advisories related to CVE-2026-27899.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your go.mod file and we'll tell you instantly if you're affected.