TF 0073 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Delete verified record
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | dns |
| Provider | Nifcloud |
Description
Leaving DNS TXT authentication records (such as 'nifty-dns-verify=...') in the zone after verification allows unauthorized parties to use the record to re-verify and claim control of the DNS zone. The code fails to remove these sensitive records after use, exposing the zone to takeover.
Impact
If exploited, attackers could register or take over the DNS zone by leveraging the leftover verification record, enabling them to manipulate DNS entries, redirect traffic, or compromise services relying on the affected domain.
Resolution
Remove the verification TXT record from the zone once verification has completed.
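
A CI check for the condition described above, as an added example that is not part of the original wiki page or the project's own code: it walks the JSON form of a Terraform plan (`terraform show -json`) and lists TXT records whose value still starts with `nifty-dns-verify=`. The resource type `nifcloud_dns_record`, its `type` and `record` attributes, and the sample plan are assumptions constructed for illustration.

```python
VERIFY_PREFIX = "nifty-dns-verify="  # prefix quoted in the description above

# Constructed sample in the shape of `terraform show -json` output.
# Assumption: the provider resource is `nifcloud_dns_record` and exposes
# `type` and `record` attributes. Token values are placeholders.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"address": "nifcloud_dns_record.verify", "type": "nifcloud_dns_record",
         "values": {"name": "@", "type": "TXT", "record": "nifty-dns-verify=EXAMPLE-TOKEN"}},
        {"address": "nifcloud_dns_record.spf", "type": "nifcloud_dns_record",
         "values": {"name": "@", "type": "TXT", "record": "v=spf1 -all"}},
    ],
    "child_modules": [{"resources": [
        {"address": "module.zone.nifcloud_dns_record.old", "type": "nifcloud_dns_record",
         "values": {"name": "@", "type": "txt", "record": '"nifty-dns-verify=EXAMPLE-TOKEN-2"'}},
    ]}],
}}}


def iter_resources(module):
    """Yield resources from a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def leftover_verification_records(plan):
    """Return addresses of TXT records that still carry the verification token."""
    root = plan.get("planned_values", {}).get("root_module", {})
    hits = []
    for res in iter_resources(root):
        if res.get("type") != "nifcloud_dns_record":
            continue
        values = res.get("values") or {}
        if str(values.get("type", "")).upper() != "TXT":
            continue
        # TXT values may be stored with surrounding quotes, or be null in a plan.
        record = str(values.get("record") or "").strip().strip('"')
        if record.startswith(VERIFY_PREFIX):
            hits.append(res["address"])
    return hits


if __name__ == "__main__":
    for address in leftover_verification_records(SAMPLE_PLAN):
        print(f"remove after verification: {address}")
```

To run it against a real plan, load the output of `terraform show -json` with `json.load` and pass the resulting dict to `leftover_verification_records`; a non-empty result should fail the pipeline.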