[ 21.01 ] vulns in DNSMasq may lead to Cache Poisoning and RCE (CVE-2020-25686)

Multiple cricital vulns in dnsmasq may lead to DNS Cache-Poisoning and RCE; the series of flaws has been duped "DNSPOOQ"

For more details read DNSpooq - Kaminsky attack is back! from JSOF.

The Dnspooq vulnerabilities include DNS cache poisoning vulnerabilities as well as a potential Remote code execution and others.

The list of devices using dnsmasq is long and varied. According to our internet-based research, prominent users of dnsmasq seem to include Cisco routers, Android phones, Aruba devices, Technicolor, and Red-Hat, as well as Siemens, Ubiquiti networks, Comcast, and others listed below. Depending on how they use dnsmasq, devices may be more or less affected, or not affected at all.

PoCs exists (unverified)

Fragen? Kontakt: info@zero.bs