Millions of Routers at Risk From Tunneling Protocol Flaws

More than 4.2 million internet-connected systems, including routers and VPN servers, are vulnerable due to flaws in commonly used tunneling protocols, researchers from the DistriNet-KU Leuven group found. Millions of routers at risk are accepting unauthenticated traffic through protocols such as IPIP, GRE, and 6in4, exposing them to spoofing, unauthorized access, and denial-of-service threats.

The vulnerabilities stem from improper configurations and the lack of built-in authentication in these protocols. Attackers can exploit them to mask their origin, infiltrate networks, or launch large-scale attacks. Millions of routers at risk could also be used as one-way proxies, helping adversaries hide their identity.

Researchers uncovered three new attack types: TuTL, Ping-Pong, and Economic Denial of Sustainability. Affected regions include China, the U.S., France, Japan, and Brazil. Assigned CVEs include CVE-2024-7595 and CVE-2025-23018. Experts urge organizations to restrict traffic to trusted IPs and adopt IPsec for stronger security.

4M+ Internet-Exposed Systems at Risk From Tunneling Protocol Vulnerabilities