A cryptographically weak one-time link token in WireGuard Easy (wg-easy) lets unauthenticated network attackers brute-force and steal VPN peer credentials, earning a CVSS 9.3 CRITICAL rating.
What Is It
CVE-2026-63089 is a weak random-value token generation flaw in WireGuard Easy through version 15.3.0. The application's one-time link token is computed using CRC32 over a random value constrained to the range 0–999, producing a keyspace of at most 1000 candidate tokens per client ID. Because the tokens are predictable, an unauthenticated attacker can enumerate candidates against the /cnf/:oneTimeLink route. That route lacks rate limiting and does not validate token expiration, allowing brute-force recovery of a peer's PrivateKey and PresharedKey. The vulnerability is classified under CWE-338 (weak PRNG) and CWE-613 (insufficient session expiration).
Why It Matters
With valid credentials in hand, an attacker can impersonate a legitimate peer on the VPN network; directly undermining the confidentiality the VPN is meant to provide. The flaw is network-exploitable (AV:N), requires low attack complexity (AC:L), and needs no privileges or user interaction. The VulnCheck advisory assigns a CVSS 3.1 base score of 9.3 (CRITICAL) with a scope change, reflecting that a compromised token grants access to resources beyond the vulnerable component itself. A CVSS 4.0 score of 9.0 is also recorded.
What's Vulnerable
- Product: wg-easy (WireGuard Easy)
- Affected versions: All releases up to and including 15.3.0
- Fixed in: commit
66b292b
Patch Status
The issue is fixed in commit 66b292b11bde3664f05ffb016c8082665d261ded, delivered via pull request #2661. Administrators running wg-easy 15.3.0 or earlier should upgrade to a build containing this fix. No CISA KEV entry was supplied, so active exploitation is not confirmed in this source material.