5 matches found
K000150185: TCP/IP protocol vulnerabilities CVE-2024-7595, CVE-2024-7596, CVE-2025-23018, and CVE-2025-23019
Security Advisory Description CVE-2024-7595 GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected...
CVE-2025-23018
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling RFC 2473 do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136...
CVE-2025-23018
creationtimestamp| type| source ---|---|--- 2025-01-14 20:09:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1594 2025-01-14 20:16:37+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfq2yimjwk2c 2025-01-14 22:22:42+00:00| seen| https://t.me/cvedetector/15352...
CVE-2025-23018
CVE-2025-23018 covers the IPv4-in-IPv6 tunneling case where RFC 2473 traffic can be accepted without validating the packet source. The result is spoofing and potential to route arbitrary traffic via an exposed network interface. Connected sources corroborate a lack of source verification for cert...
CVE-2025-23018
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling RFC 2473 do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136...