Remote Code Execution in Pi-hole Web v4.3.2 via Crafted DHCP Static Lease

Remote Code Execution in Pi-hole Web v4.3.2 via Crafted DHCP Static Lease

CVE-2020-8816 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.

Learn more about our Web App Pen Testing.