2024-05-06 20:03:28 +00:00
{
"id" : "CVE-2024-3661" ,
"sourceIdentifier" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"published" : "2024-05-06T19:15:11.027" ,
2025-01-15 17:04:07 +00:00
"lastModified" : "2025-01-15T16:50:28.667" ,
"vulnStatus" : "Analyzed" ,
2024-07-01 20:04:24 +00:00
"cveTags" : [ ] ,
2024-05-06 20:03:28 +00:00
"descriptions" : [
{
"lang" : "en" ,
2024-05-08 18:03:29 +00:00
"value" : "DHCP can add routes to a client\u2019s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN."
2024-05-07 20:03:28 +00:00
} ,
{
"lang" : "es" ,
"value" : "Por dise\u00f1o, el protocolo DHCP no autentica mensajes, incluida, por ejemplo, la opci\u00f3n de ruta est\u00e1tica sin clases (121). Un atacante con la capacidad de enviar mensajes DHCP puede manipular rutas para redirigir el tr\u00e1fico VPN, lo que le permite leer, interrumpir o posiblemente modificar el tr\u00e1fico de red que se esperaba que estuviera protegido por la VPN. Muchos, si no la mayor\u00eda, de los sistemas VPN basados en enrutamiento IP son susceptibles a este tipo de ataques."
2024-05-06 20:03:28 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
2024-05-07 02:03:21 +00:00
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.6 ,
"baseSeverity" : "HIGH" ,
2024-05-06 20:03:28 +00:00
"attackVector" : "ADJACENT_NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
2024-05-07 02:03:21 +00:00
"scope" : "UNCHANGED" ,
2024-05-06 20:03:28 +00:00
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "LOW" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "LOW"
2024-05-06 20:03:28 +00:00
} ,
"exploitabilityScore" : 2.8 ,
2024-05-07 02:03:21 +00:00
"impactScore" : 4.7
2025-01-15 17:04:07 +00:00
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" ,
"baseScore" : 7.6 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "ADJACENT_NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "LOW" ,
"availabilityImpact" : "LOW"
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 4.7
2024-05-06 20:03:28 +00:00
}
]
} ,
"weaknesses" : [
{
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-306"
} ,
{
"lang" : "en" ,
"value" : "CWE-501"
}
]
2025-01-15 17:04:07 +00:00
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-306"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:linux:*:*" ,
"versionStartIncluding" : "6.4.0" ,
"versionEndExcluding" : "7.2.5" ,
"matchCriteriaId" : "F0918F54-0052-42BD-A73E-CFF198B9EC48"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:*" ,
"versionStartIncluding" : "6.4.0" ,
"versionEndExcluding" : "7.2.5" ,
"matchCriteriaId" : "81B7F626-84B5-47A5-959F-735D6250C147"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*" ,
"versionStartIncluding" : "6.4.0" ,
"versionEndExcluding" : "7.2.5" ,
"matchCriteriaId" : "5E714EAF-73AB-41EA-AC57-E59B78FD7853"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fortinet:forticlient:7.4.0:*:*:*:*:linux:*:*" ,
"matchCriteriaId" : "7B728862-1FAB-47B4-823D-2C19CBF76DAD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fortinet:forticlient:7.4.0:*:*:*:*:macos:*:*" ,
"matchCriteriaId" : "0A079CA4-D957-402A-B899-31F26A89DF00"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fortinet:forticlient:7.4.0:*:*:*:*:windows:*:*" ,
"matchCriteriaId" : "6B512696-8596-4458-ADC9-24DD3C6C377B"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:anyconnect_vpn_client:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "59289E79-5A0A-4675-B7D4-C759401736A9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:secure_client:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FE81F5D2-269B-4098-AA9F-2DBCA3CB8813"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:iphone_os:*:*" ,
"matchCriteriaId" : "8EEBB31D-BC9C-4EAD-86B1-8B95AB118A2D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:linux:*:*" ,
"matchCriteriaId" : "4814D5DB-A96C-4D91-9DAE-87FF0DA101D2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*" ,
"matchCriteriaId" : "72F88FEB-766B-4FCD-B78E-0E8E5E2B5CCA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*" ,
"matchCriteriaId" : "D5537140-CDA3-4410-B101-24D1AB3624EA"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:citrix:secure_access_client:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "24.06.1" ,
"matchCriteriaId" : "CB344FC1-AD7C-4988-A703-8B2CD0AEF57C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B5415705-33E5-46D5-8E4D-9EBADC8C5705"
} ,
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:citrix:secure_access_client:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "24.8.5" ,
"matchCriteriaId" : "697D4070-101A-45B1-99B1-F33ECF03945C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "7.2.3" ,
"versionEndIncluding" : "7.2.5" ,
"matchCriteriaId" : "FB16CE4D-183C-44B9-A5FF-6F9FA3C0A618"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "3A7F605E-EB10-40FB-98D6-7E3A95E310BC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.5" ,
"matchCriteriaId" : "E8FEC1DE-D11F-4DC8-8B21-51BAF1731A5F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.2" ,
"matchCriteriaId" : "9DE3A941-B898-4EAB-9073-C6A312E59FC5"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:watchguard:ipsec_mobile_vpn_client:*:*:*:*:*:macos:*:*" ,
"matchCriteriaId" : "FFB4A7FD-AC96-490D-9CBB-72166D46C4FD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:watchguard:ipsec_mobile_vpn_client:*:*:*:*:*:windows:*:*" ,
"matchCriteriaId" : "2EAD2DBA-3038-4EF8-8BAE-80BD3DA97B33"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:watchguard:mobile_vpn_with_ssl:*:*:*:*:*:macos:*:*" ,
"matchCriteriaId" : "AB8A39F6-8AD5-4B9D-92E4-7E28EE78C5B2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:watchguard:mobile_vpn_with_ssl:*:*:*:*:*:windows:*:*" ,
"matchCriteriaId" : "0AF97158-6BB8-47CA-8214-98D2F801C8BA"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:linux:*:*" ,
"versionEndExcluding" : "1.5.1.25" ,
"matchCriteriaId" : "1F206869-8FCE-40AE-ADDC-62F221E00004"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:macos:*:*" ,
"versionEndExcluding" : "4.2.0.282" ,
"matchCriteriaId" : "7D37D825-E2B8-4924-AA8A-ACB0E08A3C61"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:linux:*:*" ,
"versionStartIncluding" : "3.7" ,
"versionEndExcluding" : "3.7.0.134" ,
"matchCriteriaId" : "4EC77FDF-1E1A-4638-9C9F-DA4205FDD69B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zscaler:client_connector:-:*:*:*:*:windows:*:*" ,
"matchCriteriaId" : "C057E1BC-C7BA-4EAF-8200-560035118FA0"
}
]
}
]
2024-05-06 20:03:28 +00:00
}
] ,
"references" : [
2024-05-07 20:03:28 +00:00
{
"url" : "https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Press/Media Coverage"
]
2024-05-07 20:03:28 +00:00
} ,
2024-07-01 20:04:24 +00:00
{
"url" : "https://bst.cisco.com/quickview/bug/CSCwk05814" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Vendor Advisory"
]
2024-07-01 20:04:24 +00:00
} ,
2024-05-06 20:03:28 +00:00
{
"url" : "https://datatracker.ietf.org/doc/html/rfc2131#section-7" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Related"
]
2024-05-06 20:03:28 +00:00
} ,
{
"url" : "https://datatracker.ietf.org/doc/html/rfc3442#section-7" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Related"
]
2024-05-06 20:03:28 +00:00
} ,
2024-07-01 20:04:24 +00:00
{
"url" : "https://fortiguard.fortinet.com/psirt/FG-IR-24-170" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Vendor Advisory"
]
2024-07-01 20:04:24 +00:00
} ,
2024-05-07 20:03:28 +00:00
{
"url" : "https://issuetracker.google.com/issues/263721377" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Issue Tracking"
]
2024-05-07 20:03:28 +00:00
} ,
{
"url" : "https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-as-secure-as-it-claims/" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Press/Media Coverage"
]
2024-05-07 20:03:28 +00:00
} ,
{
"url" : "https://lowendtalk.com/discussion/188857/a-rogue-dhcp-server-within-your-network-can-and-will-hijack-your-vpn-traffic" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Issue Tracking"
]
2024-05-07 20:03:28 +00:00
} ,
{
"url" : "https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Third Party Advisory"
]
2024-05-07 20:03:28 +00:00
} ,
2024-07-01 20:04:24 +00:00
{
"url" : "https://my.f5.com/manage/s/article/K000139553" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Vendor Advisory"
]
2024-07-01 20:04:24 +00:00
} ,
2024-05-07 08:03:28 +00:00
{
"url" : "https://news.ycombinator.com/item?id=40279632" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Issue Tracking"
]
2024-05-07 08:03:28 +00:00
} ,
2024-05-07 20:03:28 +00:00
{
"url" : "https://news.ycombinator.com/item?id=40284111" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Issue Tracking"
]
2024-05-07 20:03:28 +00:00
} ,
2024-07-01 20:04:24 +00:00
{
"url" : "https://security.paloaltonetworks.com/CVE-2024-3661" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Vendor Advisory"
]
2024-07-01 20:04:24 +00:00
} ,
{
"url" : "https://support.citrix.com/article/CTX677069/cloud-software-group-security-advisory-for-cve20243661" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Vendor Advisory"
]
2024-07-01 20:04:24 +00:00
} ,
2024-05-06 20:03:28 +00:00
{
2024-05-07 02:03:21 +00:00
"url" : "https://tunnelvisionbug.com/" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
2024-05-07 02:03:21 +00:00
} ,
2024-05-07 20:03:28 +00:00
{
"url" : "https://www.agwa.name/blog/post/hardening_openvpn_for_def_con" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Related"
]
2024-05-07 20:03:28 +00:00
} ,
2024-05-07 02:03:21 +00:00
{
"url" : "https://www.leviathansecurity.com/research/tunnelvision" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Third Party Advisory"
]
2024-05-07 20:03:28 +00:00
} ,
2024-05-08 23:58:22 +00:00
{
"url" : "https://www.theregister.com/2024/05/07/vpn_tunnelvision_dhcp/" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Press/Media Coverage"
]
2024-05-08 23:58:22 +00:00
} ,
2024-07-01 20:04:24 +00:00
{
"url" : "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00009" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Mitigation" ,
"Third Party Advisory"
]
2024-07-01 20:04:24 +00:00
} ,
2024-05-07 20:03:28 +00:00
{
"url" : "https://www.zscaler.com/blogs/security-research/cve-2024-3661-k-tunnelvision-exposes-vpn-bypass-vulnerability" ,
2025-01-15 17:04:07 +00:00
"source" : "9119a7d8-5eab-497f-8521-727c672e3725" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Press/Media Coverage"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://bst.cisco.com/quickview/bug/CSCwk05814" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://datatracker.ietf.org/doc/html/rfc2131#section-7" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Related"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://datatracker.ietf.org/doc/html/rfc3442#section-7" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Related"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://fortiguard.fortinet.com/psirt/FG-IR-24-170" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://issuetracker.google.com/issues/263721377" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Issue Tracking"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-as-secure-as-it-claims/" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Press/Media Coverage"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://lowendtalk.com/discussion/188857/a-rogue-dhcp-server-within-your-network-can-and-will-hijack-your-vpn-traffic" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Issue Tracking"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://my.f5.com/manage/s/article/K000139553" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://news.ycombinator.com/item?id=40279632" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Issue Tracking"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://news.ycombinator.com/item?id=40284111" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Issue Tracking"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://security.paloaltonetworks.com/CVE-2024-3661" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://support.citrix.com/article/CTX677069/cloud-software-group-security-advisory-for-cve20243661" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://tunnelvisionbug.com/" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://www.agwa.name/blog/post/hardening_openvpn_for_def_con" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Related"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://www.leviathansecurity.com/research/tunnelvision" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://www.theregister.com/2024/05/07/vpn_tunnelvision_dhcp/" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Press/Media Coverage"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00009" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Mitigation" ,
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://www.zscaler.com/blogs/security-research/cve-2024-3661-k-tunnelvision-exposes-vpn-bypass-vulnerability" ,
2025-01-15 17:04:07 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Vendor Advisory"
]
2024-05-06 20:03:28 +00:00
}
]
}
