← Back

CVE-2026-24902

nvd nist
Published: Jan 29, 2026Modified: Feb 20, 2026

JSON object

Loading...
7.1
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Exploitability: 2.8 / Impact: 4.2
Source: security-advisories@github.com (Secondary)

Description

TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In `tcp_forwarder.rs`, SSRF protection for `allow_private_network_connections = false` was only applied in the `TcpDestination::HostName(peer)` path. The `TcpDestination::Address(peer) => peer` path proceeded to `TcpStream::connect()` without equivalent checks (for example `is_global_ip`, `is_loopback`), allowing loopback/private targets to be reached by supplying a numeric IP. The vulnerability is fixed in version 0.9.114.

Affected (1)

Products: Adguard: Trusttunnel
Adguard
1 product
Trusttunnel
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Trusttunnel
Before 0.9.114

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (2)

Source: security-advisories@github.com
Patch
Source: security-advisories@github.com
ExploitPatchVendor Advisory

Timeline

No history available yet.