PowerDNS Invalid Configuration Vulnerability in BIND Backend via Notify Request

Vulnerability

A vulnerability exists in PowerDNS Authoritative that allows an attacker to send a notify request, which inadvertently adds a new secondary domain to the BIND backend. This action disrupts the backend's configuration, rendering it invalid and causing the backend to fail on the next restart. As a result, manual intervention is required to restore normal operation.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, where the BIND backend fails to start correctly, causing disruption in domain name resolution services.

Added: Apr 22, 2026, 2:27 PM

Updated: Apr 22, 2026, 2:27 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

2.5

exploitability

7.2

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

2.5

exploitability

7.2

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PowerDNS Invalid Configuration Vulnerability in BIND Backend via Notify Request

Vulnerability

Impact

Affected Products

PowerDNS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating