Go modules package
github.com/adguardteam/adguardhome
pkg:golang/github.com/adguardteam/adguardhome
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-32136 | — | < 0.107.73 | 0.107.73 | Mar 11, 2026 | AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext (h2c). Once the upgrade is accepte | ||
| CVE-2024-36814 | Med | 4.9 | < 0.107.53 | 0.107.53 | Oct 8, 2024 | An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory. | |
| CVE-2024-36586 | Hig | 8.8 | >= 0.93, <= 0.107.51 | — | Jun 13, 2024 | An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary. | |
| CVE-2022-32175 | — | >= 0.95, < 0.108.0-b.16 | 0.108.0-b.16 | Oct 11, 2022 | In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rule |
- CVE-2026-32136Mar 11, 2026affected < 0.107.73fixed 0.107.73
AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext (h2c). Once the upgrade is accepte
- affected < 0.107.53fixed 0.107.53
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory.
- affected >= 0.93, <= 0.107.51
An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary.
- CVE-2022-32175Oct 11, 2022affected >= 0.95, < 0.108.0-b.16fixed 0.108.0-b.16
In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rule