Skip to main content

Frr

1 CVEs product

Monthly

CVE-2026-5107 LOW PATCH Monitor

Remote improper access control in FRRouting FRR up to version 10.5.1 allows authenticated remote attackers to bypass authorization checks in the EVPN Type-2 Route Handler (process_type2_route function), potentially leading to integrity and availability impacts. The vulnerability requires high attack complexity and authenticated access (PR:L), limiting immediate exploitation risk. An upstream fix (commit 7676cad65114aa23adde583d91d9d29e2debd045) is available; no public exploit code or active CISA KEV designation identified at time of analysis.

Authentication Bypass Frr
NVD VulDB GitHub
CVSS 4.0
2.3
EPSS
0.0%
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Remote improper access control in FRRouting FRR up to version 10.5.1 allows authenticated remote attackers to bypass authorization checks in the EVPN Type-2 Route Handler (process_type2_route function), potentially leading to integrity and availability impacts. The vulnerability requires high attack complexity and authenticated access (PR:L), limiting immediate exploitation risk. An upstream fix (commit 7676cad65114aa23adde583d91d9d29e2debd045) is available; no public exploit code or active CISA KEV designation identified at time of analysis.

Authentication Bypass Frr
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy