CVE-2024-7596

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

Proposed Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered similar to CVE-2020-10136.

Related Vulnerabilities

CVE-2001-1533

MEDIUM
CVSS:5.3(Medium)

Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying ...

NVD-CWE-Other2001

CVE-2013-7446

MEDIUM
CVSS:5.3(Medium)

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted ep...

NVD-CWE-Other2013

CVE-2014-5278

MEDIUM
CVSS:5.3(Medium)

A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.

NVD-CWE-Other2014

CVE-2015-7279

MEDIUM
CVSS:5.3(Medium)

Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by...

NVD-CWE-Other2015

CVE-2015-8287

MEDIUM
CVSS:5.3(Medium)

Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL.

NVD-CWE-Other2015