From welivesecurity.com
Millions of devices could be vulnerable to Domain Name System (DNS) cache poisoning and remote code execution attacks due to seven security flaws in dnsmasq, DNS forwarding and caching software commonly found in smartphones, desktops, servers, routers and other Internet of Things devices, according to Israel-based security company JSOF, which discovered the security holes.
Collectively dubbed DNSpooq, the vulnerabilities in the open-source utility affect a variety of devices and firmware, including those made by some of the world’s leading tech companies.