3 matches found
Pi-hole Web Interface < 5.1 Multiple Vulnerabilities
The Pi-hole Web Interface previously AdminLTE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-14971
Pi-hole through 5.0 allows code injection in piholedhcp the Static DHCP Leases section by modifying Teleporter backup files and then restoring them. This occurs in settings.php. To exploit this, an attacker would request a backup of limited files via teleporter.php. These are placed into a .tar.g...
CVE-2020-14971
CVE-2020-14971 affects Pi-hole up to version 5.0, enabling code injection in the piholedhcp component (Static DHCP Leases) by tampering Teleporter backup archives. An attacker can request a limited backup via teleporter.php, receive a .tar.gz, modify the host parameter in dnsmasq.d files inside t...