CWE-290 at Layer 3: IP Source Spoofing and uRPF Failure in Enterprise Wireless Infrastructure
Every spoofing attack starts with one missing check: does this packet actually come from where it claims? uRPF is the answer. When it is absent — CWE-290 — the entire network becomes an authentication bypass surface.