CVE-2022-25667

Name of the Vulnerable Software and Affected Versions Cisco versions (affected versions not specified) NetGear versions (affected versions not specified) Mercury versions (affected versions not specified) Huawei versions (affected versions not specified) TP-Link versions (affected versions not specified) H3C versions (affected versions not specified) Tenda versions (affected versions not specified) Ruijie versions (affected versions not specified) Snapdragon Wired Infrastructure and Networking versions (affected versions not specified)

Description The issue is related to the improper handling of ICMP requests, which can lead to information disclosure. It is also associated with the lack of proper filtering of fake ICMP messages, allowing a remote attacker to implement a spoofing attack. Additionally, the vulnerability can be exploited to intercept traffic in wireless networks protected by WPA, WPA2, and WPA3 protocols by manipulating ICMP packets with the "redirect" flag.

Recommendations For all affected versions, consider disabling the handling of ICMP requests with the "redirect" flag as a temporary workaround until a patch is available. Restrict access to the vulnerable kernel module to minimize the risk of exploitation. Avoid using the ICMP protocol in sensitive network operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.