What is the CVSS score of EUVD-2024-55104?

EUVD-2024-55104 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Dnsserver are affected by EUVD-2024-55104?

Technitium DNS servers through version 13.2.2 are vulnerable to cache poisoning attacks that allow attackers to inject fraudulent DNS responses, potentially redirecting users to malicious websites or…

How to fix or mitigate EUVD-2024-55104?

Within 24 hours: Audit all Technitium installations to identify affected versions (≤13.2.2) and document DNS dependencies. Within 7 days: Implement network segmentation to restrict DNS queries to trusted internal sources only, disable DNS recursive resolution if not required, and enable DNS query logging for forensic detection. Within 30 days: Monitor vendor releases closely for patches; contact Technitium support for interim guidance and evaluate migration to alternative DNS solutions if patches remain unavailable.

Dnsserver EUVD-2024-55104

| CVE-2024-56089 HIGH

Use of Insufficiently Random Values (CWE-330)

2025-12-01 cve@mitre.org

Code Injection Dnsserver

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 13:34 euvd

EUVD-2024-55104

Analysis Generated

Mar 15, 2026 - 13:34 vuln.today

CVE Published

Dec 01, 2025 - 15:15 nvd

HIGH 7.5

DescriptionCVE.org

An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack.

Analysis

An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack.

Technical ContextAI

This vulnerability is classified as Use of Insufficiently Random Values (CWE-330).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

EUVD-2024-55104 vulnerability details – vuln.today

Back

Dnsserver EUVD-2024-55104

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code