CVE-2020-8816

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-8816
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8816.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-8816
Published
2020-05-29T19:15:10.983Z
Modified
2026-03-15T22:38:30.447376Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.

References

Affected packages

Git / github.com/pi-hole/pi-hole

Affected ranges

Type
GIT
Repo
https://github.com/pi-hole/pi-hole
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e41c4b5bb691cea1f5b950d39518d8c404b5846e
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.3.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/pi-hole/web
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
62f2ffc8394ac67880424644246eff8697b8e7e1

Affected versions

0.*
0.1
1.*
1.0
1.1
1.2
1.2.1
1.3
2.*
2.0
2.0.0
2.1.0
2.1.1
2.8
V2.*
V2.5.1
V2.9.1
V2.9.2
v1.*
v1.0.0
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.2
v1.3
v1.4
v1.4.1
v1.4.2
v1.4.3
v1.4.3.1
v1.4.3.1a
v1.4.4
v1.4.4.1
v1.4.4.2
v2.*
v2.0
v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.1
v2.1.0-alpha-1
v2.1.0-beta
v2.1.2
v2.10
v2.10.1
v2.10.2
v2.11
v2.11.1
v2.11.2
v2.12
v2.12.1
v2.13
v2.13.1
v2.13.2
v2.2
v2.2.0
v2.3
v2.3.1
v2.4
v2.5
v2.5.1
v2.5.2
v2.5.3
v2.6
v2.6.1
v2.6.1.1
v2.6.1.2
v2.6.2
v2.6.3
v2.7
v2.7.1
v2.8.1
v2.9
v2.9.3
v2.9.4
v2.9.4a
v2.9.5
v3.*
v3.0
v3.0.1
v3.0.1a
v3.1
v3.1.4
v3.2
v3.2.1
v3.3
v3.3.1
v4.*
v4.0
v4.1
v4.1.1
v4.2
v4.2.1
v4.2.2
v4.3
v4.3.1
v4.3.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8816.json"