3 matches found
CLSA-2025-1764322970 NetworkManager: Fix of CVE-2024-3661
CVE-2024-3661: fix TunnelVision vulnerability by preventing DHCP option 121 route manipulation that could bypass VPN encryption and leak traffic...
GHSA-HQMP-G7PH-X543 TunnelVision - decloaking VPNs using DHCP
A new decloaking technique for nearly all VPN implementations has been found, which allows attackers to inject entries into the routing tables of unsuspecting victims using DHCP option 121. This allows attackers to redirect traffic, which is supposed to be sent encrypted over the VPN, through the...
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have detailed a Virtual Private Network VPN bypass technique dubbed TunnelVision that allows threat actors to snoop on victim's network traffic by just being on the same local network. The "decloaking" method has been assigned the CVE identifier CVE-2024-3661 CVSS score: 7.6. It impac...