How "fun" a RemoteCodeExecution vulnerablity in DNSmasq. That thing is probably present on every network worldwide either just in the router or in many embedded devices, phones, id-IoT stuff…

· · Web · 2 · 1 · 2

@tbr Most of those devices probably don't use DNSSEC though.

@juliank As Måns rightfully pointed out, only if its DNSmasq has DNSSEC enabled. Also dnsmasq would need to be running as root or you'd need to find a way to elevate from there.
It certainly is a potential attack vector.

Sign in to participate in the conversation
Society of Trolls

A nice little Mastodon instance. Mild trolling encouraged (keep it local), but not required. Malicious behaviour is not tolerated. Follow Wheaton's law and you'll be fine.