- Description
- IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.7
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
- Severity
- MEDIUM
- cve@mitre.org
- CWE-940
- nvd@nist.gov
- NVD-CWE-Other
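Things like CVE-2025-23018 https://t.co/bQCZ1GYOvv look to me like they are just stating the obvious, but maybe my brain isn't working. I wonder if the point is that people have forgotten this is how the spec works and outrageously careless configurations have become common, so be careful.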
@potepotetamago
23 Jan 2025
ICYMI—the SEI's CERT Division released a vulnerability note: insecure implementation of tunneling protocols (GRE/IPIP/4in6/6in4). (CVE-2020-10136, CVE-2024-7595, CVE-2024-7596, CVE-2025-23018, and CVE-2025-23019) https://t.co/yKpfXOEaVX https://t.co/onq3OwwNde
@SEI_CMU
22 Jan 2025
CVE-2025-23018 IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and … https://t.co/fXHxvlkT7U
@CVEnew
19 Jan 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ietf:ipv6:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9143AE03-F25A-4C4A-9037-DFBC9B4F5FB8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]