PowerDNS.Recursor.Web.Interface.Script.Injection
Description
This indicates an attack attempt against a Code Injection vulnerability in PowerDNS Recursor.
The vulnerability exists in the web interface of PowerDNS Recursor, where the qname of DNS queries was displayed without any escaping. A remote attacker may be able to exploit this to injection arbitrary code into the web interface, thus, altering the content
Affected Products
PowerDNS Recursor from 4.0.0 to 4.0.6.
Impact
System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser
Recommended Actions
Apply patch, available from the website.
https://downloads.powerdns.com/patches/2017-05/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |