Skip to content

Unrestricted traffic between Wireguard clients.

Moderate
moloch-- published GHSA-q8j9-34qf-7vq7 Oct 27, 2025

Package

gomod github.com/BishopFox/sliver (Go)

Affected versions

<= 1.5.43
1.6.0-dev

Patched versions

v1.5.44
8e5c5f14506d6d60ebb3362e6b9857ab1e0d76ff

Description

Summary

Sliver's custom Wireguard netstack doesn't limit traffic between Wireguard clients, this could lead to:

  1. Leaked/recovered keypair (from a beacon) being used to attack operators.
  2. Port forwardings usable from other implants.

Details

  1. Sliver treat operators' Wireguard config and beacon/session's Wireguard config equally, they both connect to the wireguard listener created from the CLI.

  2. The current netstack implementation does not filter traffic between clients.
    I think this piece of code handle traffic between clients, from experimental results clients can ping and connect to each other freely, and I didn't see any filtering here either:

File: server\c2\wireguard.go
246: func socketWGWriteEnvelope(connection net.Conn, envelope *sliverpb.Envelope) error {
247: 	data, err := proto.Marshal(envelope)
248: 	if err != nil {
249: 		wgLog.Errorf("Envelope marshaling error: %v", err)
250: 		return err
251: 	}
252: 	dataLengthBuf := new(bytes.Buffer)
253: 	binary.Write(dataLengthBuf, binary.LittleEndian, uint32(len(data)))
254: 	connection.Write(dataLengthBuf.Bytes())
255: 	connection.Write(data)
256: 	return nil
257: }
258: 

  1. The docs says to use a Wireguard clients and operator wg-config to connect to the same WG listener as beacons:
    https://sliver.sh/docs?name=Port%20Forwarding

  2. If the operator uses official wireguard clients that integrates with the OS's netstack (I'm using the Windows client) then their services are accessible on the wireguard interface's IP address (for example 100.64.0.3) when the services listen on 0.0.0.0 (SSH, RDP, SMB, etc)
    image

  3. The beacon's wireguard private key can be recovered through a process dump or other forensic techniques.

  4. When a private key is recovered, an attacker can connect to 100.64.0.1:1337 (key exchange listener) to generate new wireguard clients without the operators' knowledge, in that way achieve persistence inside the wireguard network.

PoC

Easy way:

  1. Create 2 operators wireguard config.
  2. Connect them both to the wireguard listener.
  3. From one machine, ping/scan/connect to the other's services like RDP (3389), SSH (22), etc.

Slightly complicated way:

  1. From the operator's machine, connect to the wireguard listener.

  2. On the attacker's machine, run a beacon.

  3. Dump the process

  4. Find the private key, public key, endpoint, etc in the dump file:
    image
    image
    image
    image

  5. Construct a valid Wireguard config based on the strings found. On the attacker's machine, connect to the Wireguard listener.

  6. Ping/scan/connect to the other's services like RDP (3389), SSH (22), etc.

Impact

The operator's machine is impacted, if their services contain a vulnerability, an attacker can exploit it and gain RCE. If not then it could be used to gather information (Hostname, SSH signature, etc).

Suggestion

  1. Filter traffic between clients with a default-deny policy.
  2. Differentiate between operators and beacons' wireguard config/client
  3. Only allow specific one-way traffic when the operator request to open a Wireguard port forward.

Vulnerable versions

All versions containing wireguard functionality.

Severity

Moderate

CVSS overall score

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS).
/ 10

CVSS v3 base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

CVSS v3 base metrics

Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability.
Attack complexity: More severe for the least complex attacks.
Privileges required: More severe if no privileges are required.
User interaction: More severe when no user interaction is required.
Scope: More severe when a scope change occurs, e.g. one vulnerable component impacts resources in components beyond its security scope.
Confidentiality: More severe when loss of data confidentiality is highest, measuring the level of data access available to an unauthorized user.
Integrity: More severe when loss of data integrity is the highest, measuring the consequence of data modification possible by an unauthorized user.
Availability: More severe when the loss of impacted component availability is highest.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVE ID

CVE-2025-27093

Weaknesses

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. Learn more on MITRE.

Credits