This study addresses structural security risks at the IPv6 network edge—such as service exposure and routing loops—for which global-scale systematic assessment has been lacking. The authors present the first comprehensive IPv6 edge security measurement covering 73 countries, introducing a Response-Guided Prefix Selection (RGPS) strategy to efficiently scan high-value targets. They further develop a Hierarchical Large Language Model Exposure Verification (HLEV) framework to analyze unauthorized access risks. Their analysis identifies 281.9 million active IPv6 edge nodes, with a service exposure rate of 2.5%, and detects 4.5 million routing loop responses. The work also uncovers multiple security vulnerabilities in widely used LLM deployment tools, stemming from missing authentication mechanisms due to insecure default configurations.

As IPv6 deployment accelerates, understanding the evolving security posture of network peripheries becomes increasingly important. A DSN 2021 study introduced the first large-scale discovery of IPv6 network peripheries, uncovering risks like service exposure and routing loops. However, its scope was limited to three regions and is now outdated. In this paper, we revisit and significantly expand upon that work, presenting a comprehensive, up-to-date security assessment of IPv6 network peripheries. To support efficient large-scale scanning, we propose a novel Response-Guided Prefix Selection (RGPS) strategy to identify high-value IPv6 prefixes for probing. Our global-scale measurement covers 73 countries/regions and identifies over 281.9M active IPv6 network peripheries, including a 371.2\% increase (245M) over the 52M reported in 2021 for India, China, and America. Our service exposure analysis shows that 2.5\% of reachable services are still dangerously exposed, including outdated administrative interfaces and misconfigured servers, while correlation with known CVEs reveals recurring software vulnerabilities. Building on this service-exposure perspective, we further design a Hierarchical LLM Exposure Verification (HLEV) framework to identify unauthorized-access risks in exposed LLM deployment tools, revealing multiple security weaknesses caused by insecure default configurations and missing authentication. Additionally, we revisit routing loop vulnerabilities and identify 4.5M loop-prone responses, confirming that flawed routing behaviors remain widespread across vendors and countries/regions. These findings suggest that while IPv6 adoption has surged, key security challenges persist and are structurally embedded.