TF 0052 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Instances should not have IP forwarding enabled
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | compute |
| Provider | |
| Vulnerability Type | misconfiguration |
Description
Enabling IP forwarding on Google Compute instances allows the VM to send and receive network packets that are not specifically addressed to or from its own IP address, which bypasses standard network isolation controls.
Impact
If exploited, attackers could use the instance to route or proxy unauthorized network traffic, potentially enabling lateral movement within the network, data exfiltration, or the compromise of other internal resources.
Resolution
Disable IP forwarding on the instance.
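One way to catch this setting before deployment, as an added example that is not part of the original wiki page: the script below scans Terraform plan JSON for compute instances planned with `can_ip_forward = true`, including those declared in child modules. The attribute name and the `planned_values` layout come from the Google provider and `terraform show -json`, not from this page; the sample plan and resource names are constructed, and instance templates are checked as an extension beyond the page's scope.

```python
# Resource types checked. google_compute_instance is the page's subject;
# instance templates are an added extension (they carry the same attribute).
CHECKED_TYPES = {"google_compute_instance", "google_compute_instance_template"}


def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_ip_forwarding(plan):
    """Return sorted addresses of resources planned with can_ip_forward = true."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return sorted(
        res["address"]
        for res in iter_resources(root)
        if res.get("type") in CHECKED_TYPES
        and (res.get("values") or {}).get("can_ip_forward") is True
    )


# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = {
    "planned_values": {"root_module": {
        "resources": [
            {"address": "google_compute_instance.edge",
             "type": "google_compute_instance",
             "values": {"name": "edge", "can_ip_forward": True}},
            {"address": "google_compute_instance.web",
             "type": "google_compute_instance",
             "values": {"name": "web", "can_ip_forward": False}},
            {"address": "google_compute_network.main",
             "type": "google_compute_network",
             "values": {"name": "main"}},
        ],
        "child_modules": [{
            "address": "module.batch",
            "resources": [
                {"address": "module.batch.google_compute_instance.worker",
                 "type": "google_compute_instance",
                 "values": {"name": "worker", "can_ip_forward": True}},
            ],
        }],
    }},
}

if __name__ == "__main__":
    for address in find_ip_forwarding(SAMPLE_PLAN):
        print(f"{address}: can_ip_forward is true; set it to false or remove it")
```

For a real plan, pass the dictionary loaded with `json.load` from the output of `terraform show -json`. Removing the attribute is equivalent to setting it to `false`, since that is the provider's default.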