Intrusion Prevention

PowerDNS.Recursor.Web.Interface.Script.Injection

Description

This indicates an attack attempt against a Code Injection vulnerability in PowerDNS Recursor.
The vulnerability exists in the web interface of PowerDNS Recursor, where the qname of DNS queries was displayed without any escaping. A remote attacker may be able to exploit this to injection arbitrary code into the web interface, thus, altering the content

Affected Products

PowerDNS Recursor from 4.0.0 to 4.0.6.

Impact

System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Apply patch, available from the website.
https://downloads.powerdns.com/patches/2017-05/