Skip to content

H3-2021-0024

Dangling DNS Record

Category SECURITY_MISCONFIGURATION
Base Score 0.1

Description

The DNS record for a subdomain has a CNAME record that points to another subdomain that is not in use or does not resolve to an IP address.

Impact

A dangling DNS record gives attackers an opportunity to attempt a subdomain takeover. By taking over a legitimate looking company domain, attackers can trick users through phishing campaigns, attempt to steal user cookies and passwords, deface the company web site and damage the company brand.

References