admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-7595.md
0xMarcio 1fb02038e8 Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00

19 lines
933 B
Markdown
Raw Blame History

### [CVE-2024-7595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7595)
![](https://img.shields.io/static/v1?label=Product&message=RFC2784%20-%20Generic%20Routing%20Encapsulation%20(GRE)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20STD%201%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-290%20Authentication%20Bypass%20by%20Spoofing&color=brighgreen)
### Description
GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors.
This can be considered similar to CVE-2020-10136.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/PapayaJackal/ipeeyoupeewepee
- https://github.com/vanhoefm/tunneltester
Reference in New Issue View Git Blame Copy Permalink