Unintended Domain Name Resolution Vulnerability in Technitium DNS Server
CVE-2022-30258
9.8CRITICAL
What is CVE-2022-30258?
A flaw in Technitium DNS Server prior to version 8.0.3 enables variant V2 of unintended domain name resolution, where revoked domain names may still resolve for extended periods. This issue poses significant risks as it allows both expired domains and previously taken-down malicious domains to remain accessible. Exploits leveraging this vulnerability can align with existing DNS specifications and protocols, thus bypassing current mitigation strategies for 'Ghost' domain names, potentially resulting in widespread operational disruptions.