ID:5063 - Exploit for Insufficient verification of data authenticity in Dnsmasq - CVE-2020-25686

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:5063 - Exploit for Insufficient verification of data authenticity in Dnsmasq - CVE-2020-25686

ID:5063 - Exploit for Insufficient verification of data authenticity in Dnsmasq - CVE-2020-25686

Published: January 24, 2021


Vulnerability identifier: #VU49845
Vulnerability risk: Low
CVE-ID: CVE-2020-25686
CWE-ID: CWE-345
Exploitation vector: Remote access
Vulnerable software:
Dnsmasq

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected software does not check for an existing pending request for the same name and forwards a new request. A remote attacker can perform a DNS cache poisoning attack.


Remediation

Install updates from vendor's website.