Published Date: December 28, 2024
Package | Affected Versions | Patched Versions | Severity |
---|---|---|---|
📦 quincy (Rust) | <= 0.13.0 | – | Moderate |
Description
Vulnerability Details
A flaw affects nearly all VPN implementations, allowing attackers to exploit DHCP option 121. By injecting entries into routing tables, attackers can redirect traffic meant to pass securely through a VPN. Instead, traffic flows through the local network interface, bypassing encryption entirely.
In short: your VPN might not be as private as you think.
Impact
Every VPN user is potentially at risk. This vulnerability isn’t limited to a single VPN type or vendor—it’s a systemic weakness.
Patches & Workarounds
Workarounds
Disable DHCP option 121 in your DHCP client configuration. This prevents routing table injections via DHCP.
While not a perfect fix, it reduces exposure until a proper patch is available.
Recommendation
- Disable DHCP option 121 in your network settings.
- Monitor the Quincy repository for updates.
- Avoid using public or untrusted networks until a patch is released.