CVE-2021-43105

2022-03-2822:02:34

mitre

www.cve.org

vulnerability

dns server

bailiwick checking

technitium

cache poisoning

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specific malicious users to inject NS records of any domain (even TLDs) into the cache and conduct a DNS cache poisoning attack.

References

github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md