Technitium DNS Server Denial-of-Service Vulnerability in DNS-over-QUIC

Vulnerability

A denial-of-service vulnerability has been identified in Technitium DNS Server versions through 13.2.2. This issue allows remote attackers to permanently disrupt the server's ability to accept new DNS-over-QUIC connections by causing unhandled exceptions in the listener threads.
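
The failure mode described above, an unhandled exception ending a listener thread, shown as an added Python model (not Technitium's code, which does not appear on this page). The listener functions, `accept` and the sample connection list are constructed for illustration, and the resilient loop shows the general per-connection exception-handling pattern, not the actual 13.3 fix.

```python
import queue
import threading

# Constructed sample: four connection attempts, one of which fails during setup.
CONNS = ["client-1", "bad", "client-2", "client-3"]

def accept(conn):
    # Hypothetical stand-in for a connection-setup step that can throw.
    if conn == "bad":
        raise ValueError("connection setup failed")
    return conn

def fragile_listener(incoming, served):
    # No exception handling: the first failure ends the loop and the thread,
    # so nothing accepts connections on this listener again.
    while (conn := incoming.get()) is not None:
        served.append(accept(conn))

def resilient_listener(incoming, served, errors):
    # Per-connection handling: a failure is recorded and the loop continues.
    while (conn := incoming.get()) is not None:
        try:
            served.append(accept(conn))
        except Exception as exc:
            errors.append(repr(exc))

def run(listener, conns, *extra):
    """Feed conns to one listener thread; return (served, unread items, thread crashes)."""
    incoming, served, crashes = queue.Queue(), [], []
    for conn in [*conns, None]:  # None is the shutdown sentinel
        incoming.put(conn)
    previous = threading.excepthook
    # Record an exception that kills the listener thread instead of printing it.
    threading.excepthook = lambda args: crashes.append(args.exc_type.__name__)
    try:
        thread = threading.Thread(target=listener, args=(incoming, served, *extra))
        thread.start()
        thread.join(timeout=5)
    finally:
        threading.excepthook = previous
    return served, incoming.qsize(), crashes

if __name__ == "__main__":
    print("fragile:  ", run(fragile_listener, CONNS))
    errors = []
    print("resilient:", run(resilient_listener, CONNS, errors), errors)
```

A dead listener thread with the process still running is the condition to monitor for: the service looks healthy while new connections on that listener go unanswered.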

Impact

Exploitation of this vulnerability causes a denial-of-service condition, where the DNS server stops accepting new DNS-over-QUIC connections.

Reproduction

The vulnerability can be reproduced by sending DNS-over-QUIC requests that trigger unhandled exceptions in the server's listener threads. These requests exploit specific conditions in the DNS-over-QUIC protocol handling: the server fails to process them, and service is interrupted.

Remediation

Users can upgrade to Technitium DNS Server version 13.3 or later, where this vulnerability has been fixed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 2.5
exploitability: 8.4
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.