{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30402", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-19T15:57:39.690Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-19T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-19T15:07:25.145Z"}, "descriptions": [{"lang": "en", "value": "An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/tianshiyeben/wgcloud/issues/96"}, {"url": "https://github.com/TTTlw1024/qwe/issues/1"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-19T15:56:56.429088Z", "id": "CVE-2026-30402", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T15:57:39.690Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30402", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-19T15:56:56.429088Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T15:55:52.135Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/tianshiyeben/wgcloud/issues/96"}, {"url": "https://github.com/TTTlw1024/qwe/issues/1"}], "descriptions": [{"lang": "en", "value": "An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-19T15:07:25.145Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30402", "state": "PUBLISHED", "dateUpdated": "2026-03-19T15:57:39.690Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-19T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0A85F70-246E-427F-9EB8-331FFF1AF484", "versionEndIncluding": "2.3.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function"}, {"lang": "es", "value": "Un problema en wgcloud v.2.3.7 y versiones anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de prueba de conexi\u00f3n."}], "id": "CVE-2026-30402", "lastModified": "2026-04-02T12:20:47.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-19T15:16:26.190", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/TTTlw1024/qwe/issues/1"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://github.com/tianshiyeben/wgcloud/issues/96"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.3.7]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "wgcloud", "vendor": "tianshiyeben"}], "analysis": {"en": {"generated_at": "2026-04-02T13:27:27.449439+00:00", "value": {"mitigation_remediation": ["Upgrade wgcloud to the latest available version that resolves the test connection code injection flaw.", "If an immediate upgrade is not feasible, block external access to the test connection API endpoint and limit traffic to trusted internal networks.", "Disable or remove the test connection feature if it is not required for operational purposes.", "Regularly review logs for unexpected use of the test connection functionality.", "Keep the underlying operating system and any third\u2011party components up\u2011to\u2011date to reduce the risk of related vulnerabilities."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "All installations of wgcloud 2.3.7 or earlier, regardless of operating system, are vulnerable. The product is referenced by the CPE entry cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:* and is commonly used in environments that rely on WG Cloud for VPN configuration and management.", "description_and_impact": "A code injection flaw exists in the test connection function of wgcloud version 2.3.7 and earlier. The vulnerability, classified as CWE\u201194, allows a remote attacker to supply malicious payloads that are executed by the server, leading to full remote code execution. This can compromise the confidentiality, integrity, and availability of the host system, potentially granting an attacker unrestricted control.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 9.8, indicating critical severity. EPSS reports a probability of less than 1\u202f%, suggesting that while exploitation is unlikely, the impact if it occurs would be catastrophic. The issue is not yet part of the CISA KEV catalog. Exploitation requires network access to the test connection endpoint, and the attack vector is remote. No defensive conditions beyond patching are specified in the advisories."}}}}, "created": "2026-03-20T08:57:16.369203+00:00", "updated": "2026-04-02T20:23:25.039565+00:00", "vendors": ["tianshiyeben", "tianshiyeben$PRODUCT$wgcloud"]}