Network Packet Spoofing Vulnerability in Generic UDP Encapsulation by IETF
CVE-2024-7596
6.5MEDIUM
What is CVE-2024-7596?
The Generic UDP Encapsulation (GUE) draft specification proposed by IETF has been identified with a vulnerability that allows an attacker to spoof the source of network packets. Due to a lack of validation and verification of incoming network packets, malicious actors can redirect arbitrary traffic through exposed network interfaces. This flaw can lead to significant security risks, including unauthorized access and unexpected behaviors in network administration. For additional insights into the vulnerability, refer to the official IETF draft and the RFC documentation.
Affected Version(s)
draft-ietf-intarea-gue-09 GUE-09