4.2 Million VPNs and Routers at Risk: Major Security Flaw Exposes Global Networks

Security Flaws Discovered in Major Tunneling Protocols

A collaborative research effort between Top10VPN and KU Leuven professor Mathy Vanhoef has revealed critical security vulnerabilities affecting multiple tunneling protocols. The study identified approximately 4.2 million vulnerable hosts worldwide, including VPN servers, ISP routers, mobile network gateways, and CDN nodes.

The vulnerabilities, primarily affecting China, France, Japan, the U.S., and Brazil, enable attackers to:
– Create one-way proxies
– Conduct denial-of-service (DoS) attacks
– Spoof IPv4/6 addresses
– Potentially access private networks

The security flaws stem from tunneling protocols (IP6IP6, GRE6, 4in6, and 6in4) that provide no authentication or encryption unless they are protected with IPsec. These vulnerabilities have been assigned the following CVE identifiers:
– CVE-2024-7595 (GRE and GRE6)
– CVE-2024-7596 (Generic UDP Encapsulation)
– CVE-2025-23018 (IPv4-in-IPv6 and IPv6-in-IPv6)
– CVE-2025-23019 (IPv6-in-IPv4)

Attack Mechanism:
Attackers can exploit these vulnerabilities by sending specially crafted packets with dual IP headers, allowing them to bypass network filters through trusted but vulnerable hosts.

Recommended Security Measures:
– Implement IPsec or WireGuard for authentication and encryption
– Accept tunneling packets only from trusted sources
– Deploy traffic filtering on routers and middleboxes
– Perform deep packet inspection (DPI)
– Block unencrypted tunneling packets
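
As an added illustration of the "trusted sources only" and "block unencrypted tunneling packets" measures (example code written for this page, not taken from the researchers or any vendor), the Python sketch below classifies a raw IP packet by its outer header: plaintext encapsulation protocols are accepted only from an allowlisted peer. The allowlist, the helper names and the sample headers are constructed; it checks IP protocol numbers 4, 41 and 47 only, so UDP-based encapsulation such as GUE and IPv6 extension-header chains are outside its scope.

```python
import ipaddress
import struct

# IANA protocol numbers for the plaintext encapsulations named in the article.
TUNNEL_PROTOS = {4: "IPv4-in-IP", 41: "IPv6-in-IP", 47: "GRE"}

# Constructed allowlist of legitimate tunnel peers (documentation ranges).
TRUSTED_PEERS = [ipaddress.ip_network("192.0.2.10/32"),
                 ipaddress.ip_network("2001:db8:1::/64")]


def classify(packet: bytes, trusted=TRUSTED_PEERS) -> str:
    """Classify one raw IP packet by its outer header only."""
    version = packet[0] >> 4 if packet else 0
    if version == 4 and len(packet) >= 20:
        proto, src = packet[9], ipaddress.ip_address(packet[12:16])
    elif version == 6 and len(packet) >= 40:
        # Only the first Next Header is read; extension headers are not walked.
        proto, src = packet[6], ipaddress.ip_address(packet[8:24])
    else:
        return "malformed"
    if proto not in TUNNEL_PROTOS:
        return "pass"  # not a plaintext tunnel (ESP, TCP, UDP, ...)
    ok = any(src.version == net.version and src in net for net in trusted)
    return "accept-tunnel" if ok else "drop-tunnel"


def outer_v4(src: str, proto: int) -> bytes:
    """Constructed 20-byte IPv4 header (checksum 0, fixed destination)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address("203.0.113.1").packed)


def outer_v6(src: str, next_header: int) -> bytes:
    """Constructed 40-byte IPv6 header (fixed destination, no payload)."""
    return struct.pack("!IHBB16s16s", 0x60000000, 0, next_header, 64,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address("2001:db8:ffff::1").packed)


if __name__ == "__main__":
    samples = [outer_v4("192.0.2.10", 41), outer_v4("198.51.100.7", 41),
               outer_v6("2001:db8:1::5", 47), outer_v6("2001:db8:2::9", 4),
               outer_v4("198.51.100.7", 50)]
    for pkt in samples:
        print(classify(pkt))
```

A source allowlist narrows exposure but does not authenticate the peer, which is why the list above puts IPsec or WireGuard first.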

The vulnerabilities can lead to network congestion, service disruption, device crashes, and potential man-in-the-middle attacks.
