Denial of Service Vulnerability in Technitium DNS Product
CVE-2023-49203

7.5HIGH

Key Information:

Vendor: Technitium
Status: Dnsserver
Vendor: CVE Published:; 18 September 2024

What is CVE-2023-49203?

A vulnerability in Technitium DNS version 11.5.3 allows remote attackers to exploit DNS query manipulation techniques. By utilizing DNSBomb, attackers can create a denial of service situation through the accumulation of low-rate DNS queries. This results in a significant increase in response size, which can overwhelm the system and lead to potential service disruptions due to burst traffic. This emphasizes the importance of securing DNS services against such manipulation tactics.

References

https://technitium.com/dns/

https://gist.github.com/idealeer/89947ca07836fd0f7e976119...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2024
Vulnerability Reserved
Nov 23, 2023

CVE-2023-49203 Data

JSON