VYPR
Vendor

Adguardteam

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2026-41448CriJun 8, 2026
    risk 0.61cvss 9.4epss 0.01

    AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the…

  • CVE-2024-36586HigJun 13, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary.

  • CVE-2021-27935HigMar 3, 2021
    risk 0.49cvss 7.5epss 0.04

    An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie.

  • CVE-2022-32175MedOct 11, 2022
    risk 0.28cvss 5.4epss 0.00

    In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering…

  • CVE-2024-36814MedOct 8, 2024
    risk 0.25cvss 4.9epss 0.01

    An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory.

  • CVE-2026-32136Mar 11, 2026
    risk 0.00cvss epss 0.01

    AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext (h2c). Once the upgrade is…