CVE-2018-10920

MEDIUM

Knot Resolver < 2.4.1 - Cache Poisoning via Improper Input Validation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-10920. PoCs published by shutingrz.

AI-analyzed exploit summary This PoC exploits CVE-2018-10920, a DNS cache poisoning vulnerability in Knot Resolver, by spoofing DNS responses to redirect queries for a target domain to a malicious IP address. It crafts fake NS and A records to manipulate DNS resolution.

Description

Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache.

Exploits (1)

nomisec WORKING POC

by shutingrz · poc

https://github.com/shutingrz/CVE-2018-10920_PoC

View Code ZIP pw:eip

This PoC exploits CVE-2018-10920, a DNS cache poisoning vulnerability in Knot Resolver, by spoofing DNS responses to redirect queries for a target domain to a malicious IP address. It crafts fake NS and A records to manipulate DNS resolution.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Knot Resolver (versions affected by CVE-2018-10920)

No auth needed

Prerequisites: Network access to DNS queries · Victim must query the malicious DNS server

MITRE ATT&CK

T1557 - Adversary-in-the-Middle

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://www.knot-resolver.cz/2018-08-02-knot-resolver-2.4.1.html

Issue Tracking, Third Party Advisory x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10920

Scores

CVSS v3 6.8

EPSS 0.1220

EPSS Percentile 93.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

Details

CWE

CWE-20

Status published

Products (1)

nic/knot_resolver < 2.4.1

Published Aug 02, 2018

Tracked Since Feb 18, 2026