Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

4 Million Systems Exposed to Tunneling Flaws

January 17, 2025
Reading Time: 2 mins read
in Alerts
4 Million Systems Exposed to Tunneling Flaws

New research by Mathy Vanhoef, a professor at KU Leuven University in Belgium, and PhD student Angelos Beitis, reveals that over 4 million systems worldwide, including VPN servers and home routers, are vulnerable to attacks due to tunneling protocol flaws. These vulnerabilities are primarily caused by misconfigured systems that accept tunneling packets without verifying the sender’s identity. The researchers found that various tunneling protocols, such as IPIP/IP6IP6, GRE/GRE6, 4in6, and 6in4, are vulnerable to exploitation, allowing attackers to exploit the flaws and launch a range of malicious attacks.

Tunneling protocols are essential for transporting data across different networks

Tunneling protocols are essential for transporting data across different networks, often used to run protocols like IPv6 over IPv4. However, they are susceptible to abuse if misconfigured. The research shows that when systems fail to authenticate packets properly, attackers can send specially crafted packets that contain a victim’s IP address. These packets are then forwarded to the victim by the vulnerable host, providing attackers with a method to launch attacks such as anonymous DoS attacks, DNS spoofing, and even gain access to internal networks and IoT devices.

The researchers conducted an internet-wide scan, identifying over 4.26 million vulnerable hosts, which include VPN servers, home routers provided by ISPs, core internet routers, mobile network gateways, and CDN nodes. Over 1.8 million of these vulnerable hosts are spoofing-capable, meaning attackers can conduct anonymous attacks by using any IP address as the source address for the inner packet. This allows attackers to remain undetected, making it significantly harder for network defenders to identify and mitigate the threat.

The study reveals that a majority of these vulnerable systems are located in China, followed by France. CVE identifiers CVE-2024-7595, CVE-2025-23018, CVE-2025-23019, and CVE-2024-7596 have been assigned to these vulnerabilities. The researchers have shared technical details of their findings and offered recommendations for mitigating the risks. They suggest that individual hosts, ISPs, and other network owners can implement defense measures to secure vulnerable systems and prevent attackers from leveraging these flaws for malicious purposes.

Reference:
  • Over 4 Million Systems Exposed to Tunneling Protocol Vulnerabilities
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecurityJanuary 2025
ADVERTISEMENT

Related Posts

VexTrio TDS Uses Adtech To Spread Malware

Simple Typo Breaks AI Safety Via TokenBreak

June 13, 2025
VexTrio TDS Uses Adtech To Spread Malware

VexTrio TDS Uses Adtech To Spread Malware

June 13, 2025
VexTrio TDS Uses Adtech To Spread Malware

Old Discord Links Now Lead To Malware

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

SmartAttack Uses Sound To Steal PC Data

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

Coordinated Brute Force Hits Tomcat Manager

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

Pentest Tool TeamFiltration Hits Entra ID

June 12, 2025

Latest Alerts

Old Discord Links Now Lead To Malware

VexTrio TDS Uses Adtech To Spread Malware

Simple Typo Breaks AI Safety Via TokenBreak

Coordinated Brute Force Hits Tomcat Manager

SmartAttack Uses Sound To Steal PC Data

Pentest Tool TeamFiltration Hits Entra ID

Subscribe to our newsletter

    Latest Incidents

    Cyberattack On Brussels Parliament Continues

    Swedish Broadcaster SVT Hit By DDoS

    Major Google Cloud Outage Disrupts Web

    AI Spam Hijacks Official US Vaccine Site

    DragonForce Ransomware Hits Philly Schools

    Erie Insurance Cyberattack Halts Operations

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial