[RT-SA-2020-003] FRITZ!Box DNS Rebinding Protection Bypass

Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by RedTeam Pentesting GmbH on Oct 19

Advisory: FRITZ!Box DNS Rebinding Protection Bypass

RedTeam Pentesting discovered a vulnerability in FRITZ!Box router
devices which allows to resolve DNS answers that point to IP addresses
in the private local network, despite the DNS rebinding protection


Product: FRITZ!Box 7490 and potentially others
Affected Versions: 7.20 and below
Fixed Versions: >= 7.21
Vulnerability Type: Bypass
Security Risk: low

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.


Original Source