Lucene search
K

7 matches found

NVD
NVD
added 2025/02/05 6:15 p.m.30 views

CVE-2024-7595

GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered simil...

6.5CVSS0.01488EPSS
Exploits0References3
NVD
NVD
added 2025/02/05 6:15 p.m.32 views

CVE-2024-7596

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

6.5CVSS0.0081EPSS
Exploits0References3
CVE
CVE
added 2025/02/05 5:37 p.m.86 views

CVE-2024-7596

CVE-2024-7596 / CVE-2025-23018 (and related CVEs) involve tunneling protocols that do not validate the source of a network packet. Specifically: The GRE/GRE6 (CVE-2024-7595) and Propose d Generic UDP Encapsulation (GUE) (CVE-2024-7596) cases describe lack of source verification in encapsulated tr...

6.5CVSS6.5AI score0.0081EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/02/05 5:37 p.m.18 views

CVE-2024-7596 Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

0.0081EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/14 12:0 a.m.23 views

CVE-2025-23018

IPv4-in-IPv6 and IPv6-in-IPv6 tunneling RFC 2473 do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136...

5.4CVSS0.0101EPSS
Exploits0References3
CVE
CVE
added 2025/01/14 12:0 a.m.93 views

CVE-2025-23018

CVE-2025-23018 covers the IPv4-in-IPv6 tunneling case where RFC 2473 traffic can be accepted without validating the packet source. The result is spoofing and potential to route arbitrary traffic via an exposed network interface. Connected sources corroborate a lack of source verification for cert...

6.5CVSS7.2AI score0.0101EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/07/29 11:15 p.m.20 views

CVE-2024-27823

A race condition was addressed with improved locking. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.3, watchOS 10.5. An attacker in a privileged network position may be able to...

5.9CVSS0.00687EPSS
Exploits0References25
Rows per page
Query Builder