IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
Published: 2020-06-02
IP-in-IP packet processing, a protocol used for tunneling by numerous vendors, contains a vulnerability that may lead to DDoS, information leakage and bypass of network access controls.
https://www.kb.cert.org/vuls/id/636397
https://www.digi.com/resources/security
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4