Is this vulnerability remotely exploitable?

Yes. As long as the DNS service is reachable over UDP from the attacker's network and queries are being forwarded upstream, an attacker can attempt to race legitimate responses with forged packets.

Does an attacker need authenticated access to exploit this?

No authentication is typically required. The attacker only needs network-level ability to send spoofed or crafted UDP DNS responses to the affected server.

What is the safest general fix pattern?

The most robust pattern is to enforce strict validation of DNS responses so that only replies from configured upstream resolvers are accepted, and to correlate responses using more than just the TXID (e.g., source address, port, and query parameters), combined with the adoption of authenticated DNS mechanisms where possible.

Severity:

CRITICAL RISK

(9.1)

DNS Cache Poisoning via Unvalidated Responses (CWE-94) in Dual DHCP DNS Server 8.01

CVE-2025-71058

Published:

Apr 7, 2026

Status:

Awaiting Analysis

Summary

Affected Context

Exploit Preconditions

Why This Happens

Potential Impact

General Mitigation Guidance

How Teams Detect Issues Like This

Frequently Asked Questions

Source

NDV

Recent Vulnerabilities

CWE-77;CWE-78

CRITICAL RISK

CRITICAL

(9.8)

OS Command Injection (CWE-78) in Totolink A7100RU CGI Handler setAccessDeviceCfg

Remote Code Execution on the Router

April 12, 2026

CWE-77;CWE-78

CRITICAL RISK

CRITICAL

(9.8)

OS Command Injection (CWE-78) in Totolink A7100RU CGI setLedCfg Handler

Remote Code Execution on the Router

April 12, 2026

Vulnerability Type

Category:

DNS Cache Poisoning / Improper Remote Code Specification

CWE:

CWE-94

Impact:

Traffic Redirection and DNS Cache Poisoning

Severity:

CRITICAL RISK

(9.1)

CVSS Version:

3.1

Vulnerability Type

Category:

DNS Cache Poisoning / Improper Remote Code Specification

CWE:

CWE-94

Impact:

Traffic Redirection and DNS Cache Poisoning

Severity:

CRITICAL RISK

(9.1)

CVSS Version:

3.1

Catch This CVE While Code Is Being Written

Detect vulnerable code directly in pull requests, so CVEs are fixed before merge.

Get Started

Ship clean & secure code faster

START 14 DAYS FREE TRIAL

BOOK A DEMO

Made with Love in San Francisco

355 Bryant St. San Francisco, CA 94107, USA

Ask AI for summary of CodeAnt

Made with Love in San Francisco

355 Bryant St. San Francisco, CA 94107, USA

Ask AI for summary of CodeAnt

Made with Love in San Francisco

355 Bryant St. San Francisco, CA 94107, USA

Ask AI for summary of CodeAnt

DNS Cache Poisoning via Unvalidated Responses (CWE-94) in Dual DHCP DNS Server 8.01

Summary

Affected Context

Exploit Preconditions

Why This Happens

Potential Impact

General Mitigation Guidance

How Teams Detect Issues Like This

Frequently Asked Questions

Source

Recent Vulnerabilities

CRITICAL RISK

CRITICAL

(9.8)

OS Command Injection (CWE-78) in Totolink A7100RU CGI Handler setAccessDeviceCfg

CRITICAL RISK

CRITICAL

(9.8)

OS Command Injection (CWE-78) in Totolink A7100RU CGI setLedCfg Handler

Vulnerability Type

Vulnerability Type

Vulnerability Type

Catch This CVE While Code Is Being Written

Ship clean & secure code faster

Product

Pricing

Company

Legal

Developers

Compare

Product

Pricing

Company

Legal

Developers

Compare

Product

Pricing

Company

Legal

Developers

Compare