{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30402", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-19T15:57:39.690Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-19T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-19T15:07:25.145Z"}, "descriptions": [{"lang": "en", "value": "An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/tianshiyeben/wgcloud/issues/96"}, {"url": "https://github.com/TTTlw1024/qwe/issues/1"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-19T15:56:56.429088Z", "id": "CVE-2026-30402", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T15:57:39.690Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30402", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-19T15:56:56.429088Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T15:55:52.135Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/tianshiyeben/wgcloud/issues/96"}, {"url": "https://github.com/TTTlw1024/qwe/issues/1"}], "descriptions": [{"lang": "en", "value": "An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-19T15:07:25.145Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30402", "state": "PUBLISHED", "dateUpdated": "2026-03-19T15:57:39.690Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-19T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0A85F70-246E-427F-9EB8-331FFF1AF484", "versionEndIncluding": "2.3.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function"}, {"lang": "es", "value": "Un problema en wgcloud v.2.3.7 y versiones anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de prueba de conexi\u00f3n."}], "id": "CVE-2026-30402", "lastModified": "2026-04-02T12:20:47.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-19T15:16:26.190", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/TTTlw1024/qwe/issues/1"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://github.com/tianshiyeben/wgcloud/issues/96"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.3.7]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "wgcloud", "vendor": "tianshiyeben"}], "analysis": {"en": {"generated_at": "2026-03-19T17:51:12.813173+00:00", "value": {"mitigation_remediation": ["Upgrade wgcloud to a version newer than 2.3.7.", "If an upgrade is not possible, disable or block the test connection API endpoint at the application or network level.", "Apply network segmentation and firewall rules to restrict access to the wgcloud API endpoints.", "Monitor logs for anomalous test connection activity and investigate suspicious attempts.", "Report the issue to the wgcloud maintainers for a definitive fix."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "wgcloud v2.3.7 and all earlier releases. No other vendors products are listed in the CNA data; the flaw affects any installation of wgcloud before version 2.3.7.", "description_and_impact": "An issue exists in the test connection function of wgcloud v.2.3.7 and earlier that permits an attacker to execute arbitrary code. The vulnerability is identified as CWE-94, indicating code injection or execution weaknesses. If successfully exploited, an attacker can gain complete control of the affected system, compromising confidentiality, integrity, and availability of the instance and any downstream services.", "risk_and_exploitability": "The CVSS score is 9.8, indicating a critical severity. EPSS data is not available, so exploitation likelihood cannot be quantified, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote via the test connection API exposed over the network. Successful exploitation enables arbitrary code execution, allowing the attacker to fully compromise the host system."}}}}, "created": "2026-03-20T08:57:16.369203+00:00", "title": "wgcloud v2.3.7 and Earlier Remote Code Execution via Test Connection", "updated": "2026-03-25T11:51:46.343747+00:00", "vendors": ["tianshiyeben", "tianshiyeben$PRODUCT$wgcloud"]}