Seven vulnerabilities affecting Dnsmasq could be leveraged to mount DNS cache poisoning attacks and/or to compromise vulnerable devices. JSOF researchers unearthed the seven bugs: three allow cache poisoning and four are buffer overflow vulnerabilities, the worst of which could lead to remote code execution on the vulnerable device. Android/Google, Comcast, Cisco, Red Hat, Netgear, and Ubiquiti are among the bigger users of the DNS server. The vulnerabilities (CVE-2020-25681-7) can be combined to build extremely effective multi-staged attacks.
Source: https://www.helpnetsecurity.com/2021/01/19/dnsmasq-vulnerabilities/