{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-71058", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-09T14:09:09.327Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-04-07T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-07T18:41:54.036Z"}, "descriptions": [{"lang": "en", "value": "Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://sourceforge.net/projects/dhcp-dns-server/"}, {"url": "https://github.com/FPokerFace/Security-Advisory/tree/main/CVE-2025-71058"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T14:08:11.699406Z", "id": "CVE-2025-71058", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T14:09:09.327Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-71058", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-09T14:08:11.699406Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T14:08:37.319Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://sourceforge.net/projects/dhcp-dns-server/"}, {"url": "https://github.com/FPokerFace/Security-Advisory/tree/main/CVE-2025-71058"}], "descriptions": [{"lang": "en", "value": "Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-07T18:41:54.036Z"}}}, "cveMetadata": {"cveId": "CVE-2025-71058", "state": "PUBLISHED", "dateUpdated": "2026-04-09T14:09:09.327Z", "dateReserved": "2026-01-09T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-07T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inject forged responses and poison the DNS cache, potentially redirecting victims to attacker-controlled destinations."}], "id": "CVE-2025-71058", "lastModified": "2026-04-09T15:16:09.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-07T19:16:43.220", "references": [{"source": "cve@mitre.org", "url": "https://github.com/FPokerFace/Security-Advisory/tree/main/CVE-2025-71058"}, {"source": "cve@mitre.org", "url": "https://sourceforge.net/projects/dhcp-dns-server/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "8.01"}}], "enrichment": {"confidence": 91.0, "confidence_source": "matching", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 91.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "dual_dhcp_dns_server", "vendor": "dual_dhcp_dns_server_project"}], "analysis": {"en": {"generated_at": "2026-04-09T16:31:15.997690+00:00", "value": {"mitigation_remediation": ["Apply any vendor\u2011issued update that adds validation for upstream DNS responses to the Dual DHCP DNS Server 8.01. If a patch is not yet available, restrict incoming UDP port 53 traffic to only the legitimate upstream DNS servers using firewall rules. Disable the DNS server functionality if it is not required for network operation. Monitor DNS cache entries for unexpected changes and implement logging to detect potential poisoning attempts."], "summary": {"action": "Patch Immediately", "impact": "Remote DNS Cache Poisoning"}, "threat_synthesis": {"affected_systems": "Affected product is the Dual DHCP DNS Server, version 8.01. The vendor is not identified in the available data, and no other versions are explicitly listed as impacted, but the description suggests the flaw exists in the 8.01 release, and similar older releases may also lack proper response validation.", "description_and_impact": "The vulnerability lies in the Dual DHCP DNS Server 8.01 which accepts and caches UDP DNS responses without verifying that the response comes from an authorized upstream DNS server. Because the server matches responses mainly by transaction ID, an attacker on the network can send forged replies that the server will store in its cache. Once a forged entry is inserted, victims will be redirected to attacker\u2011controlled destinations, enabling phishing, malware delivery, or other malicious redirection attacks. This weakness falls under improper input validation and code injection failures, as reflected by the listed CWEs.", "risk_and_exploitability": "The CVSS score of 9.1 indicates a high\u2011severity vulnerability. The EPSS score of less than 1% suggests that current exploitation likelihood is low, and the flaw is not present in the CISA KEV catalog. The likely attack vector is remote over the network; an attacker needs the ability to send the forged UDP packets to the affected DNS server. Once a success, the attacker can permanently alter DNS resolution for all clients served by the server, causing widespread disruption or malicious redirection."}}}}, "created": "2026-04-08T19:50:24.900145+00:00", "updated": "2026-04-10T09:41:43.698737+00:00", "vendors": ["dual_dhcp_dns_server_project", "dual_dhcp_dns_server_project$PRODUCT$dual_dhcp_dns_server"]}