Back to feed
Dev.to
Dev.to
6/19/2026
DNS Rebinding and NXDOMAIN Hijacking: Two Overlooked DNS Attacks

DNS Rebinding and NXDOMAIN Hijacking: Two Overlooked DNS Attacks

Short summary

DNS rebinding exploits the browser's same-origin policy to let malicious scripts access internal network devices, while NXDOMAIN hijacking intercepts "domain not found" responses to redirect traffic. Both attacks abuse legitimate DNS behavior rather than requiring compromised credentials. Defenses include DNS resolver filtering, Host header validation, authentication on internal services, and HTTPS.

  • DNS rebinding exploits same-origin policy to access internal devices through victim's browser as a proxy
  • NXDOMAIN hijacking intercepts domain-not-found responses to redirect to attacker-controlled pages
  • Key defenses: DNS filtering, Host header validation, mandatory authentication, and HTTPS on internal services

Generated with AI, which can make mistakes.

Is this a good recommendation for you?

Explore more