Frr
Monthly
Remote improper access control in FRRouting FRR up to version 10.5.1 allows authenticated remote attackers to bypass authorization checks in the EVPN Type-2 Route Handler (process_type2_route function), potentially leading to integrity and availability impacts. The vulnerability requires high attack complexity and authenticated access (PR:L), limiting immediate exploitation risk. An upstream fix (commit 7676cad65114aa23adde583d91d9d29e2debd045) is available; no public exploit code or active CISA KEV designation identified at time of analysis.
Remote improper access control in FRRouting FRR up to version 10.5.1 allows authenticated remote attackers to bypass authorization checks in the EVPN Type-2 Route Handler (process_type2_route function), potentially leading to integrity and availability impacts. The vulnerability requires high attack complexity and authenticated access (PR:L), limiting immediate exploitation risk. An upstream fix (commit 7676cad65114aa23adde583d91d9d29e2debd045) is available; no public exploit code or active CISA KEV designation identified at time of analysis.