Ipv6
CVE-2025-23019
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface.
AnalysisAI
IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-940. IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface. Affected products include: Ietf Ipv6.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. Rated high se
An issue was discovered in Treck IPv6 before 6.0.1.68. Rated high severity (CVSS 7.3), this vulnerability is remotely ex
An issue was discovered in Treck IPv6 before 6.0.1.68. Rated high severity (CVSS 7.1), this vulnerability is no authenti
An issue was discovered in Treck IPv6 before 6.0.1.68. Rated medium severity (CVSS 5.3), this vulnerability is remotely
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a netw
Same technique Information Disclosure
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today