GO-2022-1119 Tailscale daemon is vulnerable to information disclosure via CSRF in tailscale.com

Tailscale daemon is vulnerable to information disclosure via CSRF in tailscale.com...

PT-2023-21719 · Tailscale · Tailscale

Name of the Vulnerable Software and Affected Versions: Tailscale versions 1.34.0 through 1.38.2 Description: A vulnerability in the implementation of Tailscale SSH on FreeBSD allows commands to be run with a higher privilege group ID than that specified in Tailscale SSH access rules. This issue...

CVE-2022-41925 Tailscale daemon is vulnerable to information disclosure via CSRF

A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...

Tailscale 跨站请求伪造漏洞

Tailscale is an open source WireGuard based application from Tailscale. Can provide a secure private network for any size team . Tailscale v1.32.3 before the version of the cross-site request forgery vulnerability , the vulnerability stems from allowing malicious websites to access the peer-to-pe...