IETF Proposed Generic UDP Encapsulation Vulnerability Allowing Traffic Spoofing and Access Control Bypass

Vulnerability

A vulnerability exists in the IETF Draft for Generic UDP Encapsulation (GUE) because it does not validate the source of network packets. This oversight allows attackers to spoof and route arbitrary traffic through an exposed network interface, potentially leading to spoofing, bypassing access controls, and other unexpected network behaviors. The issue is similar to that described in CVE-2020-10136.

Impact

Exploitation of this vulnerability could result in spoofing, bypassing access controls, and causing other unexpected network behaviors.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.4

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.4

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IETF Proposed Generic UDP Encapsulation Vulnerability Allowing Traffic Spoofing and Access Control Bypass

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating