Specialists of the information security company JSOF have disclosed a number of vulnerabilities in the popular Dnsmasq software that allow DNS cache poisoning attacks and remotely execute arbitrary code.

Dnsmasq (short for DNS masquerade) is a lightweight open source DNS response caching program. With its DNS forwarding feature, it caches DNS records locally, thereby reducing the load on upstream DNS servers and improving performance. According to the JSOF, as of September 2020, there were about 1 million vulnerable Dnsmasq installations on Android devices, routers and other network devices from Cisco, Aruba, Technicolor, Redhat, Siemens, Ubiquiti, and Comcast.

In total, the researchers have found seven vulnerabilities in the Dnsmasq software, collectively called DNSpooq.

All vulnerabilities have been fixed in Dnsmasq 2.83, and users are strongly encouraged to install it to avoid possible cyber attacks.

Source: securitylab.ru