CVE-2021-36754

HIGH EXPLOITED NUCLEI

Powerdns Authoritative Server < 4.5.1 - Memory Corruption

Title source: rule

Description

PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.

Nuclei Templates (1)

PowerDNS Authoritative Server - Denial of Service

HIGHVERIFIEDby daffainfo

References (3)

[Vendor Advisory] https://doc.powerdns.com/authoritative/security-advisories/index.html

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2021/07/26/2

[Vendor Advisory] https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2021-01.html

Scores

CVSS v3 7.5

EPSS 0.8134

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

VulnCheck KEV 2025-10-20

CWE

CWE-119

Status published

Products (1)

powerdns/authoritative_server 4.5.0 - 4.5.1

Published Jul 30, 2021

Tracked Since Feb 18, 2026