vulnerability

Pi-hole AdminLTE: CVE-2020-8816: DHCP MAC OS Command Execution

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	Mar 28, 2020	Feb 28, 2022	May 3, 2022

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

Mar 28, 2020

Added

Feb 28, 2022

Modified

May 3, 2022

Description

Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.

This check requires the Metasploit Remote Check Service to be enabled on Scan Engines. Please see the Metasploit Remote Check Service documentation for instructions on how to enable this functionality.

Solution

pi-hole-adminlte-upgrade-latest

References

CVE-2020-8816
https://attackerkb.com/topics/CVE-2020-8816
URL-https://natedotred.wordpress.com/2020/03/28/cve-2020-8816-pi-hole-remote-code-execution/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today