*SANS Internet Storm Center Stormcast* Podcast Highlights Tailscale Audit Tool and Legacy Device Vulnerabilities

7 Jan 2026

CybersecurityVulnerabilitiesNetworkSecurityOpenSourceToolsVPNsLegacyDevicesFirmwareRisks

The SANS Internet Storm Center Stormcast podcast from January 7, 2026, hosted by Johannes Ullrich in Jacksonville, Florida, covers two main topics. First, the Tail Snitch tool, designed to audit Tailscale (a WireGuard-based VPN) configurations. This open-source software, written in Go, detects issues such as outdated Tailscale versions or access tokens without expiration. It operates in read-only mode or with automatic correction, though the latter is not recommended for critical networks.

The podcast also highlights vulnerabilities in outdated equipment: unsupported DSL modems (discontinued since 2013) exploiting a flaw in the DNS_cfg.cgi script to enable remote command execution, with no patches planned. Another case involves the Total Links EX200 extender, where an interrupted firmware update can activate an unauthenticated Tnet server, exposing the device. The last EX200 update was in 2023, suggesting it is end-of-life.

SANS Internet Storm Center Stormcast Podcast Highlights Tailscale Audit Tool and Legacy Device Vulnerabilities

SANS Internet Storm Center Stormcast Podcast Highlights Tailscale Audit Tool and Legacy Device Vulnerabilities