VLAN Double-Tagging Attacks

A threat actor is specific situations could embed a hidden 802.1Q tag inside the frame that already has an 802.1Q tag

This tag allows the frame to go to a VLAN that the original 802.1Q tag did not specify