CVE-2025-23019

Medium CVSS: 5.4

IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface.

Vendor

Product

CWE

Yayın Tarihi

2025-01-14 20:15:32

Güncelleme

2025-11-03 21:19:14

Source Identifier

cve@mitre.org

KEV Date Added

CWE-940 Ipv6 MEDIUM Ietf 2025

https://datatracker.ietf.org/doc/html/rfc4213 https://papers.mathyvanhoef.com/usenix2025-tunnels.pdf https://www.top10vpn.com/research/tunneling-protocol-vulnerability/ https://www.kb.cert.org/vuls/id/199397

Medium

CVE-2024-7595

GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet allowing an attacker to spoof…

Medium

CVE-2024-7596

Proposed Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet allowing…

Medium

CVE-2025-23018

IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a netw…