GRE and GRE6 Protocols Traffic Spoofing Vulnerability

Vulnerability

A vulnerability exists in the Generic Routing Encapsulation (GRE) and GRE6 protocols, as defined in RFC 2784, due to a lack of validation for the source of network packets. This flaw allows an attacker to spoof and route arbitrary traffic through an exposed network interface. The vulnerability can lead to spoofing, bypassing access controls, and causing unexpected network behaviors.

Impact

Exploitation of this vulnerability can result in spoofing attacks, bypassing of access controls, and other unanticipated network issues.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GRE and GRE6 Protocols Traffic Spoofing Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating