ietf News Articles
Recent news articles refferecing the vendors vulnerabilities.
Cyber Security NewsCVE-2024-3596RADIUS Protocol Vulnerability Impacted Multiple Cisco Products
A critical vulnerability in the Remote Authentication Dial-In User Service (RADIUS) protocol has been disclosed, affecting multiple Cisco products. The vulnerability, CVE-2024-3596, allows an on-path attacker...
BrandefenseCVE-2024-3596BlastRADIUS Vulnerability (CVE-2024-3596) Exposes RADIUS Protocol to Critical Network Security Risk – Brandefense
A newly identified vulnerability (CVE-2024-3596), dubbed "BlastRADIUS," has been discovered in the RADIUS protocol, posing a critical risk to network security.
OpenWrt ForumCVE-2024-3661Possible vulnerability: TunnelVision (CVE-2024-3661) - For Developers - OpenWrt Forum
Hi! Found following article: And this video: Can anyone official from OpenWRT check this an patch if it is present?
The Hacker NewsCVE-2024-3661New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
Help Net SecurityCVE-2024-3661Attackers may be using TunnelVision to snoop on users' VPN traffic (CVE-2024-3661) - Help Net Security
A new attack method dubbed TunnelVision (CVE-2024-3661) can be used to intercept and snoop on VPN users' traffic.
Leviathan Security GroupCVE-2024-3661TunnelVision — Leviathan Security Group - Penetration Testing, Security Assessment, Risk Advisory
TunnelVision (CVE-2024-3661) : Novel technique for decloaking VPN traffic. Discovered in 2023, this technique allows attackers to reroute traffic intended for VPN interfaces to the local network.
GL.iNetCVE-2024-3661Are Glinet mobile router protected against CVE-2024-3661 (tunnelvision)? - Technical Support for Routers - GL.iNet
I read this article today (in German, need to translate to English via Chrome): There seems to be an issue with DHCP protocol, allowing to set routes via DHCP, which would compromise any VPN on the router, because it …
CVE-2024-3661, a.k.a. TunnelVision, Exposes a VPN Bypass Vulnerability | Zscaler
CVE-2024-3661 | TunnelVision vulnerability bypasses VPN encapsulation, directing traffic outside the tunnel. Mitigate with DHCP snooping & ARP protections.
Leviathan Security GroupCVE-2024-3661CVE-2024-3661: TunnelVision - How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak — Leviathan Security Group - Penetration Testing, Security Assessment, Risk Advisory
We discovered a fundamental design problem in VPNs and we're calling it TunnelVision. This problem lets someone see what you're doing online, even if you think you're safely using a VPN.
Help Net SecurityCVE-2023-44487Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487) - Help Net Security
HTTP/2 Rapid Reset (CVE-2023-44487), a zero-day vulnerability has been used to mount massive, high-volume DDoS attacks.