CVE-2021-43105

2022-03-2822:02:34

mitre

www.cve.org

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specific malicious users to inject NS records of any domain (even TLDs) into the cache and conduct a DNS cache poisoning attack.

References

github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md