DHCP routing options can manipulate interface-based VPN traffic

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

关键功能的认证机制缺失

DHCP 安全漏洞

DHCP是一个网络基础协议。 DHCP存在安全漏洞，该漏洞源于可以通过静态路由选项将路由添加到客户端的路由表，同一本地网络上的攻击者可以读取、破坏或修改受VPN保护的网络流量。

N/A

N/A