FlagThis

A new report reveals that over 4.2 million internet hosts, including VPN servers, routers, and CDN nodes are vulnerable to attacks due to unsecured tunneling protocols. These protocols, such as IP6IP6, GRE6, 4in6, and 6in4, lack proper authentication and encryption, allowing attackers to hijack these systems for anonymous attacks, gain unauthorized access to networks, and launch amplified denial-of-service (DoS) attacks. The vulnerabilities stem from the fact that these protocols do not verify the sender's identity or encrypt data, creating an opening for malicious traffic injection.

Researchers have identified specific CVE identifiers for these vulnerabilities including CVE-2024-7595 (GRE and GRE6), CVE-2024-7596 (Generic UDP Encapsulation), and CVE-2025-23018/23019 (IPv4-in-IPv6 and IPv6-in-IPv4). Successful exploitation allows threat actors to abuse vulnerable systems as one-way proxies, conduct denial-of-service attacks using methods like "Ping-Pong Amplification," and perform man-in-the-middle attacks. It has been found that almost 40% of vulnerable Autonomous Systems fail to filter spoofing hosts, which greatly amplifies the risk. Experts recommend using security protocols like IPSec or WireGuard to secure systems against these attacks.

ImgSrc: www.csoonline.com

References:

• Vulnerability Archives ? Cybersecurity News - New Tunneling Protocol Vulnerabilities Expose 4.2 Million Hosts to Cyberattacks - 9d
• The Hacker News - Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers - 9d
• VMware offers fixes to severe vulnerabilities in VMware Aria | CSO Online - Millions of tunneling hosts are vulnerable to spoofing, DDoS attacks, say researchers - 9d
• securityonline.info - New Tunneling Protocol Vulnerabilities Expose 4.2 Million Hosts to Cyberattacks - 9d

Classification:

• HashTags: Tunneling Vulnerability DDoS
• Target: Internet Hosts
• Product: Tunneling Protocols
• Feature: Tunneling Protocols
• Type: Vulnerability
• Severity: Major