TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak (
https://www.leviathansecurity.com/blog/tunnelvision).
Long story short:
Using DHCP option 121 (Classless Static Route Option, RFC 3442) the attacker installs static routes with a specific gateway on the target system. Traffic for those networks will be sent to the gateway and won't enter the VPN tunnel, i.e. that traffic is exposed. Network engineers would simply say: the more specifc route wins. This is neither new nor surprising. But it's good to make more people aware of this potential pitfall when connected to an unknown network and using a VPN.
Home
Help
Search
Login
Register
