Unrated severityNVD Advisory· Published Jun 8, 2020· Updated Aug 4, 2024
CVE-2020-13960
CVE-2020-13960
Description
D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- D-Link/DSL 2730-U / DIR-600Mdescription
Patches
Vulnerability mechanics
References
1- harigovind.org/articles/who-is-hijacking-my-nxdomains/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.