logo

Poweradmin Host Header Injection Lets Attackers Hijack DNS Accounts

ID: 5bce2565-6671-58fc-8f34-32536647fdff

STIX ID: report--5bce2565-6671-58fc-8f34-32536647fdff

Feed Name: securityonline.info

Threat Score
72/100

Date Published: 2026-07-02

Date Updated: 2026-07-02

Author: Do Son

...
...

**CVE-2026-54588 — Poweradmin host-header injection (CVSS 9.6):** A critical host-header injection in Poweradmin’s login and logout flows (OIDC, SAML) allows an attacker to craft a malicious Host header that results in poisoned redirect_uri values, enabling theft of authorization codes and takeover of DNS administrator accounts; affected versions are <4.2.4 and 4.3.0–<4.3.3. No public proof-of-concept or in-the-wild exploitation has been reported; vendors released fixes in 4.2.4 and 4.3.3 and configuring interface.base_url is suggested as a temporary mitigation.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.