GHSA-wrq8-fcv5-8hvp: Coder: Route hijacking through lack of validation of agent-supplied AllowedIPs in tailnet coordinator
Summary
Coder's tailnet coordinator (the server managing a private network) didn't validate that `AllowedIPs` (IP address ranges an agent claims to serve) matched the agent's identity, even though it did validate the agent's regular addresses. This let a malicious authenticated agent claim another agent's IP address and intercept traffic meant for that agent, such as web terminal sessions. Exploiting this required an authenticated user with a modified agent binary.
Solution / Mitigation
Upgrade to a patched version: v2.34.2 (for release line 2.34), v2.33.8 (for 2.33), v2.32.7 (for 2.32), or v2.29.17 (for ESR 2.29). The fix validates each `AllowedIPs` prefix against the authenticating agent's UUID, matching how `Addresses` are already validated. If you cannot upgrade immediately, monitor coordinator logs for agents advertising unexpected `AllowedIPs` prefixes.
Vulnerability Details
EPSS: 0.0%
Yes
July 6, 2026
Classification
Taxonomy References
Affected Vendors
Affected Packages
Related Issues
Original source: https://github.com/advisories/GHSA-wrq8-fcv5-8hvp
First tracked: July 6, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 75%