FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control

2.3 / 10

LOW

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

Description

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch.

Basic Information

ID CVE-2026-5107

Source VulDB

Published Mar 30, 2026 at 05:00

Modified Mar 30, 2026 at 16:02

Affected Product

Vendor FRRouting

Product FRR

Version 10.5.0

Affected Versions FRRouting FRR 10.5.0
FRRouting FRR 10.5.1

CWE Classification

CWE-284 CWE-266

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch.",
    "published": "2026-03-30T05:00:19.025Z",
    "modified": "2026-03-30T16:02:10.336Z",
    "type": "cve",
    "title": "FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/354132\nhttps://vuldb.com/vuln/354132/cti\nhttps://vuldb.com/submit/780123\nhttps://github.com/FRRouting/frr/pull/21098\nhttps://github.com/FRRouting/frr/commit/7676cad65114aa23adde583d91d9d29e2debd045\nhttps://github.com/FRRouting/frr/",
    "id": "CVE-2026-5107",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "FRRouting FRR 10.5.0\nFRRouting FRR 10.5.1",
    "sourceHref": "",
    "cvss": {
        "score": 2.3,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FRR",
    "version": "10.5.0",
    "vendor": "FRRouting",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control_CVE-2026-5107