Vulnerabilities > CVE-2022-33990 - Unspecified vulnerability in Dproxy-Nexgen Project Dproxy-Nexgen

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

dproxy-nexgen-project

NVD

Published: 2022-08-15

Updated: 2022-08-18

Summary

Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.

Vulnerable Configurations

Part	Description	Count
Application	Dproxy-Nexgen_Project Dproxy Nexgen Project Dproxy Nexgen -	1

References

https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner
https://sourceforge.net/projects/dproxy/
https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner
https://www.openwall.com/lists/oss-security/2022/08/14/3