Vulnerabilities > Powerdns > Recursor > Low

DATE CVE VULNERABILITY TITLE RISK
2018-01-23 CVE-2017-15093 Improper Input Validation vulnerability in Powerdns Recursor
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones.
network
powerdns CWE-20
3.5