PowerDNS LDAP Query Injection Vulnerability via Incomplete Escaping

Vulnerability

A vulnerability in PowerDNS exists due to incomplete escaping of LDAP queries when 8bit-dns is enabled. This flaw allows users to query internal domain subtrees, potentially leading to unauthorized information disclosure.

Impact

Exploitation of this vulnerability could result in unauthorized access to internal domain subtree information via crafted LDAP queries.

Added: Apr 22, 2026, 2:24 PM

Updated: Apr 22, 2026, 2:24 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

5.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

5.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PowerDNS LDAP Query Injection Vulnerability via Incomplete Escaping

Vulnerability

Impact

Affected Products

PowerDNS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating