← volver
CVE-2020-36517

CVE-2020-36517

EPSS 2.9%
An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://community.home-assistant.io/t/ha-os-dns-setting-configuration-not-respected/356572https://github.com/home-assistant/plugin-dns/issues/17https://github.com/home-assistant/plugin-dns/issues/20https://github.com/home-assistant/plugin-dns/issues/22https://github.com/home-assistant/plugin-dns/issues/50https://github.com/home-assistant/plugin-dns/issues/51https://github.com/home-assistant/plugin-dns/issues/53https://github.com/home-assistant/plugin-dns/issues/54https://github.com/home-assistant/plugin-dns/issues/6https://github.com/home-assistant/plugin-dns/issues/64https://github.com/home-assistant/plugin-dns/issues/70https://github.com/home-assistant/plugin-dns/pull/55