CVE-2020-12620

CVE-2020-12620

EPSS 1.5%

Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.conf to escalate privileges through command injection (shell metacharacters after an IP address).

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://0xpanic.github.io/2020/07/21/Pihole.html https://github.com/pi-hole/pi-hole https://pi-hole.net/