Vulnerabilidades em IETF
12 resultadosCVE-2020-10136—IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network trafficEPSS 26.5%CVE-2024-3596CRITICALRADIUS Protocol under RFC2865 is vulnerable to forgery attacks.EPSS 14.9%CVE-2024-3661HIGHDHCP routing options can manipulate interface-based VPN trafficEPSS 4.1%CVE-2024-7595MEDIUMGRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packetEPSS 1.5%CVE-2025-23018MEDIUMIPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowingEPSS 1.0%CVE-2025-23019MEDIUMIPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface.EPSS 0.9%CVE-2024-7596MEDIUMGeneric UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packetEPSS 0.8%CVE-2021-27853MEDIUML2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headersEPSS 0.7%CVE-2021-27854MEDIUML2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translationEPSS 0.7%CVE-2021-27862MEDIUML2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with an invalid length during Ethernet to Wifi frame translationEPSS 0.6%CVE-2021-27861MEDIUML2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with invalid lengthsEPSS 0.6%CVE-2025-27371MEDIUMIn certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, theEPSS 0.3%