← volver
CVE-2020-14162

CVE-2020-14162

EPSS 0.6%
An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://0xpanic.github.io/2020/07/21/Pihole.htmlhttps://docs.pi-hole.net/core/pihole-command/