CVE-2020-13960

CVE-2020-13960

D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name.

Source: CVE-2020-13960

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다