By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Tech News

Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers

By Viral Trending Content 4 Min Read
Share
SHARE

Jan 20, 2025Ravie LakshmananNetwork Security / Vulnerability

Tunneling Protocols

New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks.

“Internet hosts that accept tunneling packets without verifying the sender’s identity can be hijacked to perform anonymous attacks and provide access to their networks,” Top10VPN said in a study, as part of a collaboration with KU Leuven professor and researcher Mathy Vanhoef.

As many as 4.2 million hosts have been found susceptible to the attacks, including VPN servers, ISP home routers, core internet routers, mobile network gateways, and content delivery network (CDN) nodes. China, France, Japan, the U.S., and Brazil top the list of the most affected countries.

Successful exploitation of the shortcomings could permit an adversary to abuse a susceptible system as one-way proxies, as well as conduct denial-of-service (DoS) attacks.

Cybersecurity

“An adversary can abuse these security vulnerabilities to create one-way proxies and spoof source IPv4/6 addresses,” the CERT Coordination Center (CERT/CC) said in an advisory. “Vulnerable systems may also allow access to an organization’s private network or be abused to perform DDoS attacks.”

The vulnerabilities are rooted in the fact that the tunneling protocols such as IP6IP6, GRE6, 4in6, and 6in4, which are mainly used to facilitate data transfers between two disconnected networks, do not authenticate and encrypt traffic without adequate security protocols like Internet Protocol Security (IPsec).

The absence of additional security guardrails opens the door to a scenario where an attacker can inject malicious traffic into a tunnel, a variation of a flaw that was previously flagged in 2020 (CVE-2020-10136).

They have been assigned the following CVE identifiers for the protocols in question –

  • CVE-2024-7595 (GRE and GRE6)
  • CVE-2024-7596 (Generic UDP Encapsulation)
  • CVE-2025-23018 (IPv4-in-IPv6 and IPv6-in-IPv6)
  • CVE-2025-23019 (IPv6-in-IPv4)

“An attacker simply needs to send a packet encapsulated using one of the affected protocols with two IP headers,” Top10VPN’s Simon Migliano explained.

Cybersecurity

“The outer header contains the attacker’s source IP with the vulnerable host’s IP as the destination. The inner header’s source IP is that of the vulnerable host IP rather than the attacker. The destination IP is that of the target of the anonymous attack.”

Thus when the vulnerable host receives the malicious packet, it automatically strips the outer IP address header and forwards the inner packet to its destination. Given that the source IP address on the inner packet is that of the vulnerable but trusted host, it’s able to get past network filters.

As defenses, it’s recommended to use IPSec or WireGuard to provide authentication and encryption, and only accept tunneling packets from trusted sources. At the network level, it’s also advised to implement traffic filtering on routers and middleboxes, carry out Deep packet inspection (DPI), and block all unencrypted tunneling packets.

“The impact on victims of these DoS attacks can include network congestion, service disruption as resources are consumed by the traffic overload, and crashing of overloaded network devices,” Migliano said. “It also opens up opportunities for further exploitation, such as man-in-the-middle attacks and data interception.”

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

You Might Also Like

Geotab survey reveals 90% of Irish van and lorry drivers ready to embrace in-cab AI coaching

Irish co-founded fintech Paygentic raises $2m in seed round

How to use Claude Code Web For Software Development in 2025

Apple Could be Forced to Allow Third Party App Stores on UK iPhones

Tinder Launches Mandatory Facial Verification to Weed Out Bots and Scammers

TAGGED: Cyber Security, Cybersecurity, ddos attack, Internet, IPSec, IPv6, network security, Vulnerability, WireGuard
Share This Article
Facebook Twitter Copy Link
Previous Article Ethereum Market Takeover: Expert Predicts Surge To $14,000 In Six Months
Next Article MEXC Unveils 2024 Annual Report: $100 Million Airdrop Distribution and 30 Million User Milestone Achieved
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Geotab survey reveals 90% of Irish van and lorry drivers ready to embrace in-cab AI coaching
Tech News
Three La Santé inmates in custody after Sarkozy taunted and threatened in French jail
World News
Elon Musk defends $1 trillion pay package: ‘I just don’t feel comfortable building a robot army here and then being ousted’
Business
Blockchain.com secures MiCA license, hires Malta insider to head EU expansion
Crypto
7% dividend yield! Are passive income investors sleeping on Mondi?
Business
Emily Ratajkowski Then & Now: Photos of the Model Through the Years
Celebrity
Jurassic World Evolution 3 Review – Life Finds a Way
Gaming News

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Geotab survey reveals 90% of Irish van and lorry drivers ready to embrace in-cab AI coaching

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Geotab survey reveals 90% of Irish van and lorry drivers ready to embrace in-cab AI coaching
October 23, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?