[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":56,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":63,"vulnerability-5067":69,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":104},[4,15,21,37,45,51],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":36,"variant":13,"campaign_id":23},"phpBB authentication bypass - PW Banners - research focused","phpbb-authentication-bypass","New research: phpBB authentication bypass discovered by Pentest-Tools.com","https://pentest-tools.com/research/phpbb-authentication-bypass",[27,28,29,30,31,32,33,34,35],"/","/network-vulnerability-scanning/port-scanner-online-nmap","/website-vulnerability-scanning/website-scanner","/information-gathering/find-subdomains-of-domain","/website-vulnerability-scanning/discover-hidden-directories-and-files","/features/attack-surface","/features/internal-network-scanning","/features/vulnerability-monitoring","/features/pentest-reporting","Discover the CVEs",{"title":38,"slug":39,"text":40,"link":41,"external":9,"targets":42,"cta":44,"variant":13,"campaign_id":23},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our 
research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[43],"/vulnerabilities-exploits","See the details",{"title":46,"slug":47,"text":48,"link":25,"external":9,"targets":49,"cta":50,"variant":13,"campaign_id":23},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB",[43],"Read the research",{"title":52,"slug":53,"text":40,"link":41,"external":9,"targets":54,"cta":44,"variant":13,"campaign_id":23},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[55],"/exploit-helpers/sniper",["Island",57],{"key":58,"params":59,"result":61},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":60},"{}",{"head":62},{},["Island",64],{"key":65,"params":66,"result":67},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":60},{"head":68},{},{"id":70,"detectable_with":71,"vuln_details":78,"vuln_id":101,"name":102,"published":103,"updated":79},5067,{"tool":72,"engine":75},{"id":73,"name":74},1,"Network Scanner",{"id":76,"name":77},3,"OpenVAS",{"id":70,"codename":79,"description":79,"severity":80,"risk_description":81,"public_description":82,"public_recommendation":83,"recommendation":79,"references":84,"cvssv3":88,"epss_score":89,"epss_percentile":90,"cve":91,"in_cisa_catalog":99,"date":100,"software_type":79,"vendor":79,"product":79,"ptt_exploit_capabilities":79},null,"medium","The following flaws exist in Dnsmasq versions prior to 2.83 as used in the FTL component: - CVE-2020-25681: A heap-based buffer overflow in sort_rrset() when DNSSEC is used - CVE-2020-25682: A buffer overflow in extract_name() function due to missing length check, when DNSSEC is enabled - CVE-2020-25683: A heap-based buffer overflow when DNSSEC is enabled. 
This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() - CVE-2020-25684: A lack of proper address/port check implemented in the reply_query function - CVE-2020-25685: A lack of query resource name (RRNAME) checks implemented in the reply_query function - CVE-2020-25686: Multiple DNS query requests for the same resource name (RRNAME) allow remote attackers to spoof DNS traffic, using a birthday attack (RFC 5452) - CVE-2020-25687: A heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() - CVE-2020-25681: This can allow a remote attacker to write arbitrary data into the target device's memory, which can lead to memory corruption and other unexpected behaviors on the target device - CVE-2020-25682: This can allow a remote attacker to cause memory corruption on the target device - CVE-2020-25683: A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in heap-allocated memory. This flaw could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a Denial of Service - CVE-2020-25684: This flaw makes it easier for an off-path attacker to forge replies - CVE-2020-25685: This flaw allows remote attackers to spoof DNS traffic that can lead to DNS cache poisoning - CVE-2020-25686: This flaw can lead to DNS cache poisoning - CVE-2020-25687: A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in heap-allocated memory. 
This flaw could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of Service","Dnsmasq as used in the FTL DNS component of Pi-hole is prone to multiple vulnerabilities dubbed DNSpooq.","Update Pi-hole FTL to version 5.5 or later.",[85,86,87],"https://pi-hole.net/2021/01/19/pi-hole-ftl-v5-5-released-update-today/","https://www.jsof-tech.com/disclosures/dnspooq/","https://www.thekelleys.org.uk/dnsmasq/CHANGELOG",5.9,0.45359,0.97694,[92,93,94,95,96,97,98],"CVE-2020-25681","CVE-2020-25682","CVE-2020-25683","CVE-2020-25684","CVE-2020-25685","CVE-2020-25686","CVE-2020-25687",false,"2021-01-20T00:00:00Z","NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.117175","Pi-hole FTL DNS \u003C 5.5 Multiple Vulnerabilities in Dnsmasq (DNSpooq)","2021-01-22T00:00:00Z",["Island",105],{"key":106,"params":107,"result":109},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":108},"{\"text-color\":\"gray\"}",{"head":110},{}]