Description
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch.
Published: 2026-03-30
Score: 2.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized access to EVPN routing information
Action: Patch Immediately
AI Analysis

Impact

A flaw in the EVPN Type-2 Route Handler of FRRouting FRR, affecting releases up to 10.5.1, lies in the process_type2_route function in bgpd/bgp_evpn.c and can be triggered remotely. The manipulation bypasses the intended access controls, enabling unauthorized changes to EVPN routing tables. Exploitation is rated high complexity and reported as difficult, but because the vector is remote, a successful attacker could introduce incorrect routes or disrupt network traffic.

Affected Systems

The affected product is FRRouting FRR, specifically versions up to 10.5.1. No other vendors or products are listed, and the flaw is limited to the EVPN Type-2 Route handling component.

Risk and Exploitability

The CVSS score of 2.3 indicates low severity, and the EPSS score of less than 1 percent signals a very small probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Although the attack is considered difficult and requires high complexity, the remote attack vector implies that a threat actor with sufficient skill could exploit the flaw. Based on the description, it is inferred that successful exploitation could allow an attacker to manipulate EVPN Type-2 routes, potentially altering routing decisions on the target. Because exploitation depends on reaching a specific function in bgp_evpn.c, automated attacks would be challenging, but targeted attackers may still find value in compromising the host.

Generated by OpenCVE AI on March 31, 2026 at 06:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the FRRouting patch identified by commit hash 7676cad65114aa23adde583d91d9d29e2debd045 or upgrade to a version newer than 10.5.1.
  • Verify that the installed FRR version includes the corrected process_type2_route implementation.
  • If an immediate update is not possible, isolate the FRR instance from untrusted networks, restrict remote BGP connections, and enforce strict firewall rules to limit access to the EVPN route handling service.
  • Monitor FRR logs for anomalous EVPN route advertisements that could indicate exploitation attempts.

Generated by OpenCVE AI on March 31, 2026 at 06:03 UTC.


Advisories

No advisories yet.

History

Wed, 29 Apr 2026 22:15:00 +0000

Type   Values Removed   Values Added
CPEs                    cpe:2.3:a:frrouting:frrouting:10.5.0:*:*:*:*:*:*:*
                        cpe:2.3:a:frrouting:frrouting:10.5.1:*:*:*:*:*:*:*

Tue, 31 Mar 2026 03:00:00 +0000

Type         Values Removed            Values Added
Weaknesses                             CWE-807
References
Metrics      threat_severity: None     threat_severity: Moderate


Mon, 30 Mar 2026 16:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 30 Mar 2026 07:15:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Frrouting
                                       Frrouting frrouting
Vendors & Products                     Frrouting
                                       Frrouting frrouting

Mon, 30 Mar 2026 05:45:00 +0000

Type          Values Removed   Values Added
Description                    A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch.
Title                          FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control
Weaknesses                     CWE-266
                               CWE-284
References
Metrics                        cvssV2_0: {'score': 3.6, 'vector': 'AV:N/AC:H/Au:S/C:N/I:P/A:P/E:ND/RL:OF/RC:C'}
                               cvssV3_0: {'score': 4.2, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C'}
                               cvssV3_1: {'score': 4.2, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C'}
                               cvssV4_0: {'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-30T16:02:10.336Z

Reserved: 2026-03-29T17:55:46.788Z

Link: CVE-2026-5107

Vulnrichment

Updated: 2026-03-30T16:02:06.462Z

NVD

Status: Analyzed

Published: 2026-03-30T06:16:05.510

Modified: 2026-04-29T22:01:48.407

Link: CVE-2026-5107

Redhat

Severity: Moderate

Public Date: 2026-03-30T05:00:19Z

Links: CVE-2026-5107 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-31T20:00:17Z

Weaknesses