CVE Database · CVE-2020-10136
CVSS v3.1
5.3
EPSS
26.46%
Published
Jun 2, 2020
Modified
Nov 3, 2025
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LWeaknesses (CWE)
Affected Products (328)
References (11)
...and 278 more