9

CVE-2020-11108

Exploit
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pi-holePi-hole Version <= 4.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 78.26% 0.995
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 9 8 10
AV:N/AC:L/Au:S/C:C/I:C/A:C
CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

http://packetstormsecurity.com/files/157623/Pi-hole-4.4-Remote-Code-Execution.html
Third Party Advisory
Exploit
VDB Entry
http://packetstormsecurity.com/files/157624/Pi-hole-4.4-Remote-Code-Execution-Privilege-Escalation.html
Third Party Advisory
Exploit
VDB Entry
http://packetstormsecurity.com/files/157748/Pi-Hole-heisenbergCompensator-Blocklist-OS-Command-Execution.html
http://packetstormsecurity.com/files/157839/Pi-hole-4.4.0-Remote-Code-Execution.html
https://frichetten.com/blog/cve-2020-11108-pihole-rce/
Third Party Advisory
Exploit
https://github.com/Frichetten/CVE-2020-11108-PoC
Third Party Advisory
Exploit