Vulnerabilidades em pi-hole
33 resultadosCVE-2021-32706HIGH(Authenticated) Remote Code Execution Possible in Web Interface 5.5EPSS 60.2%CVE-2022-23513MEDIUMPi-Hole/AdminLTE vulnerable due to improper access control in queryads endpointEPSS 40.2%CVE-2024-34361HIGHPi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)EPSS 2.8%CVE-2021-29449MEDIUMMultiple Privilege Escalation Vulnerabilities PiholeEPSS 1.9%CVE-2024-28247HIGHPihole Authenticated Arbitrary File Read with root privilegesEPSS 1.4%CVE-2026-33765HIGHPi-hole Web Interface has a Command Injection VulnerabilityEPSS 1.1%CVE-2021-3706HIGHSensitive Cookie Without 'HttpOnly' Flag in pi-hole/adminlteEPSS 1.1%CVE-2023-23614HIGHImproper session handling of "Remember me for 7 days" functionalityEPSS 1.0%CVE-2026-39849HIGHPi-hole FTL remote code execution via newline injection in dns.interface configurationEPSS 1.0%CVE-2021-41175HIGHStored XSS in Client Groups Management (Authenticated)EPSS 0.9%CVE-2026-35517HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dns.upstreams Newline InjectionEPSS 0.9%CVE-2021-32793MEDIUMStored XSS Vulnerability in the Pi-hole WebinterfaceEPSS 0.8%CVE-2026-35520HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline InjectionEPSS 0.7%CVE-2026-35521HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dhcp.hosts Newline InjectionEPSS 0.7%CVE-2026-35518HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dns.cnameRecords Newline InjectionEPSS 0.7%CVE-2021-29448HIGHStored DOM XSS in Pi-hole Admin Web InterfaceEPSS 0.7%CVE-2025-53533MEDIUMPi-hole Admin Interface vulnerable to cross-site scripting via malformed URL path on 404 error pageEPSS 0.6%CVE-2026-35519HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dns.hostRecord Newline InjectionEPSS 0.5%CVE-2021-3812MEDIUMCross-site Scripting (XSS) - Reflected in pi-hole/adminlteEPSS 0.5%CVE-2021-3811MEDIUMCross-site Scripting (XSS) - Reflected in pi-hole/adminlteEPSS 0.5%