CVE-2020-13960
CVE-2020-13960 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name. EPSS estimates a 1.19% chance of exploitation in the next 30 days.
Description
D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dsl-2730u Firmware | in_1.10 |
| Dlink | Dir-600m Firmware | 3.04 |
References
- https://harigovind.org/articles/who-is-hijacking-my-nxdomains/ (Exploit, Third Party Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
