is vulnerable to privilege escalation. The vulnerability exists due to insufficient granularity of access control in netmaker which allows a remote authenticated attacker to gain elevated privileges on the system by sending a specially-crafted request using the API.