cvedb.io
CVE-2026-24902
HIGH · CVSS 7.1
EPSS exploitation probability: 0%
Published 2026-01-29T22:15:54.893 · Last modified 2026-06-17T10:23:46.783

Summary

TrustTunnel is an open-source VPN protocol with a server-side request forgery and private network restriction bypass in versions prior to 0.9.114. In `tcp_forwarder.rs`, SSRF protection for `allow_private_network_connections = false` was only applied in the `TcpDestination::HostName(peer)` path. The `TcpDestination::Address(peer) => peer` path proceeded to `TcpStream::connect()` without equivalent checks (for example `is_global_ip`, `is_loopback`), allowing loopback/private targets to be reached by supplying a numeric IP. The vulnerability is fixed in version 0.9.114.
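The pattern that closes this class of gap, as an added example that is not TrustTunnel's code or its actual patch: both destination variants are reduced to a single `SocketAddr` and the policy check runs once on that value. The enum shape, `resolve`, `is_restricted` and `checked_peer` are hypothetical names, the resolver answers are constructed, and the IPv6 and IPv4-mapped handling goes beyond the cases the summary names.

```rust
use std::net::{IpAddr, Ipv4Addr, SocketAddr};

// Assumed, simplified shape of the destination type named in the advisory.
enum TcpDestination {
    Address(SocketAddr),
    HostName((String, u16)),
}

fn restricted_v4(v4: Ipv4Addr) -> bool {
    v4.is_loopback() || v4.is_private() || v4.is_link_local() || v4.is_unspecified()
}
// True for targets to refuse when private network connections are disabled.
fn is_restricted(ip: IpAddr) -> bool {
    match ip {
        IpAddr::V4(v4) => restricted_v4(v4),
        IpAddr::V6(v6) => {
            // ::ffff:a.b.c.d is judged as the embedded IPv4 address.
            if let Some(v4) = v6.to_ipv4_mapped() { return restricted_v4(v4); }
            let first = v6.segments()[0];
            v6.is_loopback() || v6.is_unspecified()
                || (first & 0xfe00) == 0xfc00 // unique local, fc00::/7
                || (first & 0xffc0) == 0xfe80 // link-local, fe80::/10
        }
    }
}

// Hypothetical resolver with constructed answers so the example runs offline.
fn resolve(host: &str, port: u16) -> SocketAddr {
    let ip = if host == "internal.example" { "10.0.0.5" } else { "203.0.113.10" };
    SocketAddr::new(ip.parse().unwrap(), port)
}

// One policy check on the final SocketAddr, whichever variant supplied it.
fn checked_peer(dest: TcpDestination, allow_private: bool) -> Result<SocketAddr, &'static str> {
    let peer = match dest {
        TcpDestination::Address(peer) => peer,
        TcpDestination::HostName((host, port)) => resolve(&host, port),
    };
    if !allow_private && is_restricted(peer.ip()) {
        return Err("private destination blocked");
    }
    Ok(peer)
}

fn main() {
    let a = TcpDestination::Address("127.0.0.1:8080".parse().unwrap());
    let h = TcpDestination::HostName(("internal.example".to_string(), 80));
    println!("{:?} {:?}", checked_peer(a, false), checked_peer(h, false));
}
```

Checking the resolved address, and then connecting to that same address, also keeps a hostname that resolves to an internal IP from passing the policy.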

Affected products

adguard — trusttunnel

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.