Impact
An issue in Technitium DNS Server version 14.3 and earlier allows a denial of service by targeting the DnsServerApp.exe, DnsServerApp.dll, and TechnitiumLibrary.Net/Dns/DnsClient.cs components. The vulnerability can be triggered from outside the local network and leads to a crash or unresponsive state of the DNS service, potentially disrupting normal DNS resolution for clients that rely on that server. It does not provide code execution or data disclosure capabilities, but the interruption of DNS service can have serious availability consequences for organizations depending on it.
Affected Systems
Technitium DNS Server v14.3 and all prior releases. The affected components are the DnsServerApp executable, its associated dynamic link library, and the DnsClient code in the TechnitiumLibrary.Net namespace. Administrators should verify that they are running any version of the software predating the fix, and consider upgrading if possible.
Risk and Exploitability
The EPSS score for this vulnerability is < 1 % and it is not listed in the CISA KEV catalog, so the probability of exploitation remains low but not negligible. The CVSS score of 7.5 indicates a high severity denial‑of‑service impact. An attacker who can reach the DNS server can trigger the flaw remotely and cause the service to crash or become unresponsive, disrupting DNS resolution for clients. No special privileges or internal access are required, so any external host able to contact the server may be able to trigger the exploit.
OpenCVE Enrichment