Shiming Liu

9 exploits Active since Mar 2022
CVE-2025-71058 WRITEUP CRITICAL WRITEUP
Dual DHCP DNS Server 8.01 - DNS Cache Poisoning
Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations.
CVSS 9.1
CVE-2021-43105 WRITEUP MEDIUM WRITEUP
Technitium DNS Server <=7.0 - Privilege Escalation
A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specific malicious users to inject `NS` records of any domain (even TLDs) into the cache and conduct a DNS cache poisoning attack.
CVSS 4.3
CVE-2022-30257 WRITEUP CRITICAL WRITEUP
Technitium DNS Server <8.0.2 - Info Disclosure
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.
CVSS 9.8
CVE-2022-30258 WRITEUP CRITICAL WRITEUP
Technitium DNS Server <8.0.2 - Info Disclosure
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.
CVSS 9.8
CVE-2022-48256 WRITEUP HIGH WRITEUP
Technitium DNS Server < 10.0 - Denial of Service via CNAME Loop
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.
CVSS 7.5
CVE-2024-33655 WRITEUP HIGH WRITEUP
DNS Protocol - Denial of Service via Response Pulsing Burst
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst (which can be considered traffic amplification in some cases), aka the "DNSBomb" issue.
CVSS 7.5
CVE-2024-56089 WRITEUP HIGH WRITEUP
Technitium DNS Server < 13.2.2 - DNS Cache Poisoning via Birthday Attack
An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack.
CVSS 7.5
CVE-2025-50334 WRITEUP HIGH WRITEUP
Technitium DNS Server < 14.0 - Denial of Service via Rate-Limiting Component
An issue in Technitium DNS Server v.13.5 allows a remote attacker to cause a denial of service via the rate-limiting component
CVSS 7.5
CVE-2025-50334 WRITEUP HIGH WRITEUP
Technitium DNS Server < 14.0 - Denial of Service via Rate-Limiting Component
An issue in Technitium DNS Server v.13.5 allows a remote attacker to cause a denial of service via the rate-limiting component
CVSS 7.5