Recently, cybersecurity experts have detected nearly 7 vulnerabilities in a very popular DNS software set that has been executed in routers and access points in every kind of business.
We all know that Dnsmasq is very popular, and the experts have identified approximately 40 vendors whom they believe to use Dnsmasq in their products. Not only this, but they also use a very major Linux distribution.
According to the experts, the set of flaws has been dubbed as DNSpooq, which resides in Dnsmasq, the DNS forwarding client for UNIX-based operating systems.
Dnsmasq is combined in the firmware of various network devices to implement DNS forwarding abilities by taking DNS requests that are made by all local users; later, the users forward the request to an upstream DNS server and capture all the results.
However, all the same, results are accessible to other clients without the need for a new upstream DNS query. This software is found in the devices of firms such as Cisco, ZTE, Huawei, D-Link, among others.
The DNSpooq vulnerability set divides into 2 types of vulnerabilities, and here we have mentioned them below:-
There are several possible attack scenario, thus we have mentioned them below:
The experts asserted that there are several workarounds that exist, and all are documented in their professional whitepaper. But, the best way to mitigate is to update Dnsmasq to version 2.83 or above.
DNS poisoning flaws are not that difficult to remove, although their exploitation can be efficiently automated for the use of botnets, phishing programs, among other campaigns.
Nearly 1 million Dnsmasq servers are being exposed on the Internet according to Shodan and over 630,000 according to BinaryEdge, with millions of other routers, VPNs, smartphones, tablets, infotainment systems, modems, access points, drones, and, but all the similar equipment are not accessible over the Internet also vulnerable to attacks.
The cybersecurity researchers have disclosed the flaws in August and publicly revealed them this month. Not only this, even these vulnerabilities are addressed in Dnsmasq 2.83; users of internet-of-things (IoT) and implanted the devices that use Dnsmasq. The experts also affirmed that they should contact their vendors for further data regarding updates.
In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…
Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…
The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…
In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…
A recent campaign has been observed to be delivering DJvu ransomware through a loader that…
In a pivotal update to the Okta security incident divulged in October 2023, Okta Security…