Lucene search

CVE-2024-34361 Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)

🗓️ 05 Jul 2024 18:01:30Reported by GitHub_MType

Pi-hole SSRF vulnerability allows RCE via gravity_DownloadBlocklistFromUrl(

Reporter	Title	Published	Views	Family All 7
OSV	CVE-2024-34361	5 Jul 202419:15	–	osv
CVE	CVE-2024-34361	5 Jul 202419:15	–	cve
Vulnrichment	CVE-2024-34361 Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)	5 Jul 202418:30	–	vulnrichment
NVD	CVE-2024-34361	5 Jul 202419:15	–	nvd
GithubExploit	Exploit for CVE-2024-34361	7 Jul 202421:22	–	githubexploit
GithubExploit	Exploit for CVE-2024-34361	7 Jul 202421:22	–	githubexploit
OpenVAS	Pi-hole Core < 5.18.3 SSRF/RCE Vulnerability	8 Jul 202400:00	–	openvas

[
  {
    "vendor": "pi-hole",
    "product": "pi-hole",
    "versions": [
      {
        "version": "< 5.18.3",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/pi-hole/pi-hole/commit/2c497a9a3ea099079bbcd1eb21725b0ed54b529d
github	www.github.com/pi-hole/pi-hole/security/advisories/GHSA-jg6g-rrj6-xfg6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Jul 2024 18:30Current

CVSS38.5

EPSS0.49778

CWE-918