Vulnerabilities > CVE-2021-43105 - Unspecified vulnerability in Technitium DNS Server

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

technitium

NVD

Published: 2022-03-28

Updated: 2022-04-05

Summary

A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specific malicious users to inject `NS` records of any domain (even TLDs) into the cache and conduct a DNS cache poisoning attack.

Vulnerable Configurations

Part	Description	Count
Application	Technitium Technitium DNS Server *	1

References

https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md