Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences,
and encourage others to do better than you.
Redazione RHC : 23 June 2025 14:16
Many believe that using a VPN guarantees total protection while browsing, even on completely open and unsafe WiFi networks. Although VPNs are effective tools for encrypting traffic and preventing data interception, they are not able to protect us from all risks.
In the article below, we explain in detail how a VPN (Virtual Private Network) works. The article discusses VPN in depth, analyzing how it works and what specific advantages it offers. The different types of VPNs are described, the criteria for choosing the best solution, and best practices for implementing them safely.
While confirming what is reported in the article, namely that:
A VPN not only improves security and privacy, but also offers greater freedom and control over the information transmitted online, making it an essential tool for anyone who wants to protect their digital identity and sensitive data
It is essential to be aware of its limitations and potential vulnerabilities.
For example, the CVE-2024-3661 vulnerability, known as “TunnelVision“, demonstrates how it is possible for an attacker to redirect traffic outside the VPN tunnel without the user noticing. This attack uses DHCP option 121 to configure static routes on the victim’s system, allowing traffic to be routed through insecure channels without the user’s knowledge.
While we can say that a VPN protects data in transit, we must remember that for example it does not:
This demo video shows a POC of the CVE-2024-3661- Zscaler (TunnelVision) which highlights how an attacker can bypass the VPN tunnel by exploiting DHCP option 121:
Video by Leviathan Security Group
In In this article, we highlight how for example several fraudulent LetsVPN websites share a common user interface and are deliberately designed to distribute malware, masquerading as an authentic LetsVPN application.
In this other article, we discuss how some misconfigured vpn systems accept tunnel packets without verifying the sender. This allows attackers to send specially crafted packets containing the victim’s IP address to a vulnerable host, forcing the host to forward an internal packet to the victim, which opens the door for attackers to launch further attacks.
In the article we also highlight that the following CVEs have been identified:
VPNs are an important piece in protecting our digital identity and data in transit, but they do not offer complete protection against all threats. Like any security tool, they must be configured correctly, kept up to date and used responsibly and with awareness.
In general, VPNs are not a definitive or sufficient solution to guarantee security. It is essential to address the issue of network security starting from their nature: many infrastructures – especially open Wi-Fi networks – are born insecure “by design”.
In the next articles we will begin to explore the technical measures that can be adopted to strengthen these networks, protect users and reduce the risk of attacks, even in exposed or public environments.
➡️ Adopting a proactive security posture is essential: the conscious use of VPN must be just one of the tools in a broader and more structured approach, which we will explore step by step in the next articles on mitigations.
Redazione