We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-35838



Description

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while the VPN is enabled. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in the blocking of traffic" rather than to only WireGuard.

Reserved 2023-06-18 | Published 2023-08-09 | Updated 2024-10-18 | Assigner mitre

References

wireguard.com

tunnelcrack.mathyvanhoef.com/details.html

psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0015

cve.org (CVE-2023-35838)

nvd.nist.gov (CVE-2023-35838)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2023-35838

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.