[RT-SA-2020-003] FRITZ!Box DNS Rebinding Protection Bypass

Posted by RedTeam Pentesting GmbH on Oct 19

Advisory: FRITZ!Box DNS Rebinding Protection Bypass

RedTeam Pentesting discovered a vulnerability in FRITZ!Box router
devices which allows to resolve DNS answers that point to IP addresses
in the private local network, despite the DNS rebinding protection
mechanism.

Details
=======

Product: FRITZ!Box 7490 and potentially others
Affected Versions: 7.20 and below
Fixed Versions: >= 7.21
Vulnerability Type: Bypass
Security Risk: low
Vendor…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Original Source

Tags: cyber, exploit, full disclosure, OSINT, seclist, Security, threatintel, vulnerabilities, vulnerability, vulns

[RT-SA-2020-003] FRITZ!Box DNS Rebinding Protection Bypass

Original Source

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

Original Source

You may have missed

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

CISA: CISA Adds One Known Exploited Vulnerability to Catalog