4 matches found
Pi-hole Command Injection Vulnerability
Pi-hole is a multi-platform, network-wide ad-blocking tool with support for... ,.., A command injection vulnerability exists in Pi-Hole 4.4. An attacker can exploit this vulnerability by writing to /etc/pihole/dns-servers.conf to achieve elevation of privilege...
CVE-2020-12620
Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.conf to escalate privileges through command injection shell metacharacters after an IP address...
CVE-2020-12620
Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.conf to escalate privileges through command injection shell metacharacters after an IP address...
Pi-hole 4.4 Remote Code Execution
!/usr/bin/env python3 Pi-hole = 4.4 RCE Author: Nick Frichette Homepage: https://frichetten.com Note: This exploit must be run with root privileges and port 80 must not be occupied. While it is possible to exploit this from a non standard port, for the sake of simplicity and not having to modify...