Are GL.iNet mobile routers protected against CVE-2024-3661 (TunnelVision)?

Not true! It affects all routers as long as DHCP Option 121 (which is the default) is supported! You can review the researchers' blog: CVE-2024-3661: TunnelVision - How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak — Leviathan Security Group - Penetration Testing, Security Assessment, Risk Advisory

Again, not true! The VPN encryption would be de-cloaked by this attack vector! If you use encrypted protocols such as HTTPS/SSH then you would be safe. Refer to Requirements for decloaking VPN traffic on the blog.

It's in fact an interesting vulnerability, as it involves a rogue DHCP server plus using Option 121 to decloak VPN packets through a physical interface!

Incorrect! It affects any *nix-based system connected to a VPN. The routes you referred to are part of the exploitation process!

Correct!

It does! Refer to the researcher's blog and test it against your GL device.

Your lab and testing are not correct! You need to understand the blog and watch the video first.

2 Likes
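
For readers who want to audit what a DHCP server is handing out, here is an added example (not from this thread or from the researchers' blog) that decodes a DHCP Option 121 payload in the RFC 3442 classless static route format and flags routes that would steer off-LAN traffic to a DHCP-supplied gateway. The function names, the sample payload and the "not inside the leased subnet" heuristic are assumptions made for illustration.

```python
import ipaddress

def parse_option_121(data: bytes):
    """Decode RFC 3442 classless static routes into (network, gateway) pairs."""
    routes, i = [], 0
    while i < len(data):
        plen = data[i]
        if plen > 32:
            raise ValueError(f"invalid prefix length {plen} at offset {i}")
        n = (plen + 7) // 8              # only significant destination octets are sent
        end = i + 1 + n + 4              # length byte + destination + 4-byte router
        if end > len(data):
            raise ValueError(f"truncated route entry at offset {i}")
        dest = data[i + 1:i + 1 + n] + bytes(4 - n)   # pad destination to 4 octets
        net = ipaddress.IPv4Network((int.from_bytes(dest, "big"), plen), strict=False)
        gw = ipaddress.IPv4Address(data[i + 1 + n:end])
        routes.append((net, gw))
        i = end
    return routes

def flag_routes(routes, lan: str):
    """Heuristic (assumption): a non-default route outside the leased subnet is
    more specific than a VPN's 0.0.0.0/0 route, so it wins longest-prefix match
    and sends that traffic out the physical interface."""
    lan_net = ipaddress.IPv4Network(lan)
    return [(net, gw) for net, gw in routes
            if net.prefixlen > 0 and not net.subnet_of(lan_net)]

# Constructed sample payload (documentation addresses, not captured traffic):
#   0.0.0.0/0, 0.0.0.0/1, 128.0.0.0/1 and 192.0.2.128/25, all via 192.0.2.1
SAMPLE = bytes.fromhex(
    "00c0000201"
    "0100c0000201"
    "0180c0000201"
    "19c0000280c0000201"
)

if __name__ == "__main__":
    for net, gw in flag_routes(parse_option_121(SAMPLE), "192.0.2.0/24"):
        print(f"review: {net} via {gw}")
```
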