CVE-2022-34294

Critical

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not…

mitre·CWE-331·Published 2022-08-15

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

188 chars

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.

NVDen

188 chars

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.

totd versión 1.5.3, usa un puerto de origen UDP fijo en las consultas ascendentes enviadas a los resolvedores de DNS. Esto permite el envenenamiento de la caché de DNS porque no se presenta suficiente entropía para prevenir ataques de inyección de tráfico.

CVE-2022-34294

CVSS metrics across sources