Design/Logic Flaw

2022-03-2823:15:00

PRIOn knowledge base

www.prio-n.com

4.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specific malicious users to inject NS records of any domain (even TLDs) into the cache and conduct a DNS cache poisoning attack.

CPENameOperatorVersion
dns_serverle7.0

CPE	Name	Operator	Version
	dns_server	le	7.0

References

github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md