Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://github.com/FPokerFace/Security-Advisory/tree/main/CVE-2025-71058 cve-icon cve-icon
https://sourceforge.net/projects/dhcp-dns-server/ cve-icon cve-icon
History

Tue, 07 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
Description Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations.
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-07T18:41:54.036Z

Reserved: 2026-01-09T00:00:00.000Z

Link: CVE-2025-71058

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-04-07T19:16:43.220

Modified: 2026-04-07T19:16:43.220

Link: CVE-2025-71058

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.