CVE-2022-34294

Published August 15th, 2022

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.

fwdillema/totd

DNS proxy and translator for IPv6 and IPv4

GitHub