Tag
Unauthenticated network attackers can exploit a cryptographically weak one-time link token generation vulnerability, CVE-2026-63089, in WireGuard Easy through version 15.3.0 by brute-forcing a limited keyspace against the unauthenticated `/cnf/:oneTimeLink` route, allowing them to recover WireGuard peer credentials (PrivateKey and PresharedKey) and impersonate legitimate peers to gain unauthorized VPN access.