Link State Advertisement (LSA) reflects the current status of all incident links of a router in an Autonomous System (AS). A fake LSA with false link status information will pollute the view of the network topology on routers. In this paper, we present two novel attacks that inject malicious Link State Advertisements (LSAs) to modify the routing tables: adjacency spoofing and single path injection. Adjacency spoofing attack makes attacker access to routing networks by disguising as a legitimate router. Single path injection attack evades the “fight-back” mechanism and affects routing advertisements of routers. Unlike existing LSA injection attacks, which need to be launched by malicious routers, a common host can launch these attacks and control the transmission path of data traffic in an AS. Simulation and real-world experiment results show that these two attacks can efficiently modify the routing tables of routers, and further lead to DNS spoofing, phishing Website, eavesdropping, and manin-the-middle attacks. Furthermore, we also implement a security vulnerability detection system to detect the existing vulnerabilities of routing protocol deployed in real-world routers.