
CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics. Prior to Pi-hole Web interface version 5.5.1, the `validDomainWildcard` preg_match filter allows a malicious character through that can be used to execute code, list directories, and overwrite sensitive files. The issue lies in the fact that one of the periods is not escaped, allowing any character to be used in its place. A patch for this vulnerability was released in version 5.5.1.

• https://github.com/pi-hole/AdminLTE/releases/tag/v5.5.1
• https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-5cm9-6p3m-v259
• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 | EPSS: 0% | CPEs: 3 | EXPL: 1

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. A Stored XSS exists in the Pi-hole Admin portal, which can be exploited by a malicious actor with network access to the DNS server. See the referenced GitHub security advisory for patch details.

• https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-cwwf-93p7-73j9
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 3

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Multiple privilege escalation vulnerabilities were discovered in version 5.2.4 of Pi-hole core. See the referenced GitHub security advisory for details.

• http://packetstormsecurity.com/files/163715/Pi-Hole-Remove-Commands-Linux-Privilege-Escalation.html
• https://github.com/pi-hole/pi-hole/security/advisories/GHSA-3597-244c-wrpj
• https://www.compass-security.com/fileadmin/Research/Advisories/2021-02_CSNC-2021-008_Pi-hole_Privilege_Escalation.txt
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
• CWE-269: Improper Privilege Management

CVSS: 5.4 | EPSS: 0% | CPEs: 3 | EXPL: 1

Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against other users and steal the session cookie.

• https://discourse.pi-hole.net/c/announcements/5
• https://n4nj0.github.io/advisories/pi-hole-multiple-vulnerabilities-i
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.8 | EPSS: 0% | CPEs: 3 | EXPL: 1

Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user's account through the active session.

• https://discourse.pi-hole.net/c/announcements/5
• https://n4nj0.github.io/advisories/pi-hole-multiple-vulnerabilities-i
• CWE-384: Session Fixation