ID CVE-2020-8816
Summary Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.
References
Vulnerable Configurations
  • cpe:2.3:a:pi-hole:pi-hole:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.6.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.6.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.6.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.6.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.7:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.8:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.10:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.11:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.12:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.13:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:2.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:2.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:pi-hole:pi-hole:4.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:pi-hole:pi-hole:4.3.2:*:*:*:*:*:*:*
CVSS
Base: 6.5
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
Last major update 29-05-2020 - 19:27
Published 29-05-2020 - 19:15
Last modified 01-06-2020 - 14:15
Back to Top