CVE-2024-7595

MEDIUM

GRE/GRE6 - Spoofing

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-7595. PoCs published by PapayaJackal.

AI-analyzed exploit summary This repository contains a scanner and attack suite for exploiting CVE-2020-10136, which involves insecure implementation of IP-in-IP and GRE tunneling protocols. The tools allow sending spoofed IP packets via vulnerable hosts, enabling attacks like DNS amplification DDoS.

Description

GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered similar to CVE-2020-10136.

Exploits (1)

nomisec WORKING POC 11 stars

by PapayaJackal · poc

https://github.com/PapayaJackal/ipeeyoupeewepee

View Code ZIP pw:eip

This repository contains a scanner and attack suite for exploiting CVE-2020-10136, which involves insecure implementation of IP-in-IP and GRE tunneling protocols. The tools allow sending spoofed IP packets via vulnerable hosts, enabling attacks like DNS amplification DDoS.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Cisco routers and other devices with IP-in-IP/GRE tunneling

No auth needed

Prerequisites: Vulnerable host with IP-in-IP or GRE tunneling enabled · Public IPv4 address for scanning · Open UDP port for receiving responses

MITRE ATT&CK

T1498 - Network Denial of Service T1090 - Proxy

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Technical Description, Related

https://datatracker.ietf.org/doc/html/rfc2784

Technical Description, Related

https://www.rfc-editor.org/rfc/rfc6169.html

Third Party Advisory, US Government Resource

https://www.kb.cert.org/vuls/id/199397

Scores

CVSS v3 6.5

EPSS 0.0149

EPSS Percentile 70.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

Status published

Products (2)

ietf/generic_routing_encapsulation

ietf/generic_routing_encapsulation6

Published Feb 05, 2025

Tracked Since Feb 18, 2026