CVE-2024-25583 HIGH

CVE-2024-25583: Crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured

Vendor Powerdns
Product Recursor
Weakness CWE-20 · Input validation
Published April 25, 2024
Last update February 13, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected.

Key dates

02Disclosure timeline

April 25, 2024 CVE published
February 13, 2025 Record updated