GHSA-84G5-X8J3-7235: GHSA-84G5-X8J3-7235: DNS Filter Bypass via Off-by-one Error in Netfoil Suffi…

1 / 2

GHSA-84G5-X8J3-7235: GHSA-84G5-X8J3-7235: DNS Filter Bypass via Off-by-one Error in Netfoil Suffix Trie

DEV Community·CVE Reports·about 1 month ago

#7RSBSdz6

#security #cve #cybersecurity #ghsa #netfoil #word

Reading 0:00

15s threshold

GHSA-84G5-X8J3-7235: DNS Filter Bypass via Off-by-one Error in Netfoil Suffix Trie Vulnerability ID: GHSA-84G5-X8J3-7235 CVSS Score: 7.5 Published: 2026-04-29 Netfoil versions prior to v0.2.1 contain an off-by-one logic error within the custom suffix trie implementation used for domain matching. This flaw allows an attacker to bypass DNS allowlist configurations by prepending arbitrary characters to approved domain names. TL;DR An off-by-one error in Netfoil's domain matching logic ignores the first character of incoming domains, allowing attackers to bypass DNS filters by adding a prefix to allowed domains.…

Continue reading — create a free account

Join HashtagPLUS to read full articles, follow hashtags, vote, and join the conversation.

Create free account Log in

Menu

GHSA-84G5-X8J3-7235: GHSA-84G5-X8J3-7235: DNS Filter Bypass via Off-by-one Error in Netfoil Suffix Trie