New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

2024-05-09 17:55

Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim's network traffic by just being on the same local network. The "decloaking" method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts all operating systems that implement a DHCP client and has

News URL

https://thehackernews.com/2024/05/new-tunnelvision-attack-allows.html

#attack #dhcp #hijacking #VPN #CVE-2024-3661

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-06	CVE-2024-3661	Missing Authentication for Critical Function vulnerability in multiple products DHCP can add routes to a client’s routing table via the classless static route option (121). low complexity fortinet cisco paloaltonetworks citrix f5 watchguard zscaler CWE-306	7.6

News URL

Related news

Related Vulnerability