Vulnerabilities > CVE-2021-23270 - Excessive Iteration vulnerability in Gargoyle-Router Gargoyle 1.12.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
gargoyle-router
CWE-834

Summary

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.

Vulnerable Configurations

Part Description Count
Application
Gargoyle-Router
1

Common Weakness Enumeration (CWE)