Products > Networking & Wireless

TunnelVision (CVE-2024-3661): decloak routing-based VPNs


TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak (

Long story short:
Using DHCP option 121 (Classless Static Route Option, RFC 3442) the attacker installs static routes with a specific gateway on the target system. Traffic for those networks will be sent to the gateway and won't enter the VPN tunnel, i.e. that traffic is exposed. Network engineers would simply say: the more specifc route wins. This is neither new nor surprising. But it's good to make more people aware of this potential pitfall when connected to an  unknown network and using a VPN.


[0] Message Index

There was an error while thanking
Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod