VYPR
Unrated severityOSV Advisory· Published Jan 29, 2026· Updated Jan 29, 2026

TrustTunnel has SSRF and private network restriction bypass via numeric address destinations

CVE-2026-24902

Description

TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcp_forwarder.rs, SSRF protection for allow_private_network_connections = false was only applied in the TcpDestination::HostName(peer) path. The TcpDestination::Address(peer) => peer path proceeded to TcpStream::connect() without equivalent checks (for example is_global_ip, is_loopback), allowing loopback/private targets to be reached by supplying a numeric IP. The vulnerability is fixed in version 0.9.114.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • v0.9.100, v0.9.102, v0.9.105, …+ 1 more
    • (no CPE)range: v0.9.100, v0.9.102, v0.9.105, …
    • (no CPE)range: <0.9.114

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.