Sopwnd

**Name of the Vulnerable Software and Affected Versions** Pi-Hole (affected versions not specified) **Description** The issue is related to a lack of validation in the code on a root server path: `/admin/scripts/pi-hole/phpqueryads.php`. This allows a potential threat actor to perform an unauthorized query for blocked domains on the `queryads` endpoint, potentially leading to the disclosure of victims' personal blacklists. The vulnerability is associated with inadequate access control in the Pi-hole AdminLTE dashboard. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.