PowerDNS Recursor HTML/Script Injection Vulnerability – A Walkthrough

December 2, 2017

PowerDNS Recursor is a high-end, high-performance resolving name server that powers the DNS resolution of at least a hundred million subscribers. The “Recursor” is one of two name server products whose primary goal is to act as resolving DNS server. On Aug. 7, 2017, I reported an XSS (cross-site scripting) vulnerability to PowerDNS and its Security Team. They assigned it the identifier CVE-2017-15092. In this report I will explain how I was able to identify and trigger the vulnerability.

Read more...

Previous Article
Q&A with Bob Fortna President of Fortinet Federal Inc
Q&A with Bob Fortna President of Fortinet Federal Inc

Bob Fortna joined Fortinet as president of Fortinet Federal Inc. earlier this year. We sat down with Bob to...

Next Article
E-Rate Program: What You Should Know When Filing
E-Rate Program: What You Should Know When Filing

Having secure, reliable access to the internet is no longer an option. It’s necessary. This is especially t...