VDB

GCVE-110-MAGEIA-2020-286

GCVE-110-MAGEIA-2020-286
Advisory Published
Vulnetix · Advisory published July 7, 2020
Updated pdns-recursor package fixes security vulnerability: An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the restriction (CVE-2020-14196). In the default configuration the API webserver is not enabled. Only installations using a non-default value for webserver and webserver-address are affected.

Affected Products

VendorProductVersionsPlatforms
Mageiapdns-recursor0 (affected), 4.1.17-1.mga7 (unaffected)

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›