Lucene search
K

10 matches found

Talos
Talos
added 2026/05/07 12:0 a.m.16 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

6.8CVSS6AI score0.00276EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/05 8:50 p.m.46 views

CVE-2026-39849 Pi-hole FTL remote code execution via newline injection in dns.interface configuration

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

8.7CVSS0.00956EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.17 views

PT-2026-37240

Name of the Vulnerable Software and Affected Versions Pi-hole FTL versions prior to 6.6.1 Description The dns.interface configuration field in Pi-hole FTL accepts newline characters without validation, which allows an attacker to inject arbitrary directives into the generated dnsmasq configuratio...

8.8CVSS6AI score0.00956EPSS
Exploits1References9
EUVD
EUVD
added 2026/04/07 3:20 p.m.6 views

EUVD-2026-19715

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP hosts configuration parameter dhcp.hosts. This vulnerability allows an authenticat...

8.8CVSS6.2AI score0.00686EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 3:18 p.m.1 views

CVE-2026-35519

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

8.8CVSS6.2AI score0.00537EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2021/09/15 1:40 p.m.3 views

openstack-neutron: arbitrary dnsmasq reconfiguration via extra_dhcp_opts

An input-validation flaw was found in openstack-neutron, where an authenticated attacker could change the dnsmasq configuration. By crafting extradhcpopts values, the attacker could crash the dnsmasq, change parameters for tenants sharing the same interface, or otherwise alter that daemon’s...

6.5CVSS5.9AI score0.0189EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2021/08/31 7:4 p.m.30 views

CVE-2021-40085

An input-validation flaw was found in openstack-neutron, where an authenticated attacker could change the dnsmasq configuration. By crafting extradhcpopts values, the attacker could crash the dnsmasq, change parameters for tenants sharing the same interface, or otherwise alter that daemon’s...

7.6CVSS2.3AI score0.0189EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2021/08/31 3:0 p.m.27 views

CVE-2021-40085

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extradhcpopts value...

6.5CVSS6.7AI score0.0189EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/31 12:0 a.m.6 views

OpenStack 安全漏洞

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Neutron is one of the networking components that provides Network-as-a-Service NaaS, which enables the create networks between...

6.5CVSS6.7AI score0.0189EPSS
Exploits1References20
OSV
OSV
added 2021/02/06 12:15 a.m.7 views

CVE-2020-14312

A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not...

5.9CVSS5.4AI score
Exploits0References1
Rows per page
Query Builder