[RT-SA-2020-003] FRITZ!Box DNS Rebinding Protection Bypass

October 19, 2020 admin cyber, exploit, full disclosure, OSINT, seclist, Security, threatintel, vulnerabilities, vulnerability, vulns

Click the icon to Follow me:-

Posted by RedTeam Pentesting GmbH on Oct 19

AMD Ryzen 5 3600 6-Core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler $199.99

The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G... read more

(as of January 25, 2021 - )

AMD Ryzen 5 5600X 6-core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler ~~$394.98~~ $374.94

AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more

(as of January 25, 2021 - )

AMD Ryzen 7 5800X 8-core, 16-Thread Unlocked Desktop Processor Without Cooler Black, XX-Large $519.98

AMD's fastest 8 core processor for mainstream desktop, with 16 procesing threads Can deliver elite 100+ FPS performance in the world's most popular games Cooler not included, high-performance cooler recommended 4.7 GHz Max Boost, unlocked for overclo... read more

(as of January 25, 2021 - )

Advisory: FRITZ!Box DNS Rebinding Protection Bypass

RedTeam Pentesting discovered a vulnerability in FRITZ!Box router
devices which allows to resolve DNS answers that point to IP addresses
in the private local network, despite the DNS rebinding protection
mechanism.

Details
=======

Product: FRITZ!Box 7490 and potentially others
Affected Versions: 7.20 and below
Fixed Versions: >= 7.21
Vulnerability Type: Bypass
Security Risk: low
Vendor…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.