CVE-2025-5994
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-11-03
Assigner: NLnet Labs
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nlnetlabs | unbound | 1.6.2 |
| nlnetlabs | unbound | 1.23.1 |
| nlnetlabs | unbound | 1.23.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-349 | The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The Rebirthday Attack is a multi-vendor cache poisoning vulnerability affecting caching DNS resolvers that support EDNS Client Subnet (ECS). It exploits the birthday paradox to match DNS transaction IDs and inject malicious cache entries by sending non-ECS poisonous replies. Unbound is vulnerable if compiled with ECS support and configured to send ECS information with queries. The issue arises because resolvers need to segregate outgoing queries based on ECS data, and failure to do so allows attackers to poison the cache.
How can this vulnerability impact me? :
This vulnerability can allow attackers to poison the DNS cache of vulnerable resolvers, causing them to return incorrect or malicious DNS responses. This can lead to users being redirected to fraudulent or malicious websites, potentially resulting in data theft, malware infection, or other security breaches.