Volerion logoVolerion
Volerion logoVolerion

OpenThread NAT64 Translator Improper Input Validation Vulnerability Allowing IPv4 Packet Injection

Vulnerability

A vulnerability exists in the NAT64 translator of OpenThread, prior to commit 26a882d, across all platforms. This issue stems from improper input validation, which allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh. Additionally, crafted IPv4 packets with specific options can be used to bypass security checks.

Impact

Exploitation of this vulnerability could lead to the injection of malicious IPv6 packets into the Thread mesh network, potentially disrupting network operations or compromising security. Furthermore, the ability to craft IPv4 packets that bypass security checks could be exploited to manipulate network behavior or access restricted resources.

Remediation

Users can update to the latest version of OpenThread to address this vulnerability.

Added: May 13, 2026, 4:00 PM
Updated: May 13, 2026, 4:00 PM

Vulnerability Rating

Custom Algorithm
spread
4.5
impact
2.5
exploitability
5.6
remediation
7.7
relevance
8.2
threat
3.2
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.