Search first
What Happened?
https://github.com/SagerNet/sing-box/releases/tag/v1.9.0-rc.16
https://sing-box.sagernet.org/manual/misc/tunnelvision/
https://www.cve.org/CVERecord?id=CVE-2024-3661
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3661
By design, the DHCP protocol does not authenticate messages, including for example the classless static route option (121). An attacker with the ability to send DHCP messages can manipulate routes to redirect VPN traffic, allowing the attacker to read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. Many, if not most VPN systems based on IP routing are susceptible to such attacks.
Minimal Reproducible Example (MRE)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3661
Expected Behavior
Just fix it, like sing-box 1.9.0-rc16 that
Version
All versions currently
Platform/OS
Android, Windows, macOS, Linux, iOS
Additional Context
No response
Application Config Options
No response
Relevant log output
No response
Are you willing to submit a PR? If you know how to fix the bug.