CVE-2023-28456

high

Description

An issue was discovered in Technitium through 11.0.2. It enables attackers to launch amplification attacks (3 times more than other "golden model" software like BIND) and cause potential DoS.

References

https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3

https://dnsbomb.net/

https://technitium.com/dns/

Details

Source: Mitre, NVD

Published: 2024-09-18

Updated: 2025-04-22

Named Vulnerability: DNSBomb

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00121

Detections

Analytics