PT-2020-12554 · Pi-Hole · Pi-Hole

Published: 2020-05-11 · Updated: 2020-05-27 · CVE-2020-11108

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Pi-hole versions 4.4 and earlier

Description: The issue allows an authenticated adversary to upload arbitrary files, which can be abused for remote code execution by writing to a PHP file in the web directory. Because the www-data user holds a sudo rule, the same write can also be used to escalate privileges to root. The code error is in the gravity_DownloadBlocklistFromUrl function in gravity.sh.

Recommendations: For Pi-hole versions 4.4 and earlier, update to version 5.0 or later to resolve the issue. As a temporary workaround, restrict access to the gravity.sh script and to the web directory to minimize the risk of exploitation, and avoid using the gravity_DownloadBlocklistFromUrl function in gravity.sh until the update has been applied.
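The recommendations above boil down to three operator checks: is the installed version in the affected range, has anything been written into the admin web directory, and does the www-data sudo rule exist on this host. The script below is an added example, not part of this advisory or of the Pi-hole project; the admin web root (/var/www/html/admin), the `pihole -v` output format it parses, the sudoers directory and the script's own file name are assumptions about a default install.

```shell
#!/bin/sh
# Added example (not from the advisory or the Pi-hole project): a small audit helper for
# CVE-2020-11108. It (1) decides whether a Pi-hole version string is in the affected
# range (4.4 and earlier, per the advisory), (2) reads the installed version from
# `pihole -v`, and (3) lists PHP files in the admin web directory that are newer than
# the dashboard's own index.php, since the bug lets an authenticated user write a PHP
# file there. The web root, the `pihole -v` output format and the sudoers path below
# are assumptions about a default install, not facts from the advisory.

FIXED_VERSION="5.0"                          # first fixed release named by the advisory
WEB_DIR="${WEB_DIR:-/var/www/html/admin}"    # assumed default Pi-hole admin web root
SUDOERS_DIR="${SUDOERS_DIR:-/etc/sudoers.d}" # assumed location of the www-data sudo rule

# is_affected VERSION
#   Returns 0 when VERSION ("v4.4", "4.3.2", ...) sorts below 5.0, i.e. is affected.
is_affected() {
    v=$(printf '%s' "$1" | sed 's/^[vV]//')
    lowest=$(printf '%s\n%s\n' "$v" "$FIXED_VERSION" | sort -V | head -n 1)
    [ "$lowest" = "$v" ] && [ "$v" != "$FIXED_VERSION" ]
}

# installed_version
#   Prints the core version reported by `pihole -v` (assumed format:
#   "  Pi-hole version is v4.4 (Latest: v5.0)"), or nothing if pihole is absent.
installed_version() {
    pihole -v 2>/dev/null | sed -n 's/.*Pi-hole version is \(v[0-9][0-9.]*\).*/\1/p' | head -n 1
}

# recent_php_files DIR
#   Lists *.php files under DIR modified after DIR/index.php. A fresh install writes the
#   whole dashboard at once, so a PHP file that is newer than index.php deserves a look.
recent_php_files() {
    dir="$1"
    [ -f "$dir/index.php" ] || return 0
    find "$dir" -type f -name '*.php' -newer "$dir/index.php" 2>/dev/null
}

# audit
#   Ties the three checks together; prints findings and returns 1 if anything needs action.
audit() {
    rc=0
    ver=$(installed_version)
    if [ -z "$ver" ]; then
        echo "pihole not found; skipping version check"
    elif is_affected "$ver"; then
        echo "FINDING: Pi-hole $ver is affected by CVE-2020-11108; upgrade to $FIXED_VERSION or later"
        rc=1
    else
        echo "OK: Pi-hole $ver is not in the affected range"
    fi

    files=$(recent_php_files "$WEB_DIR")
    if [ -n "$files" ]; then
        echo "FINDING: PHP files newer than $WEB_DIR/index.php (review each one):"
        echo "$files"
        rc=1
    fi

    # The advisory notes the www-data sudo rule is what turns a web-dir write into root;
    # show it so the operator knows whether that escalation path exists on this host.
    grep -rl 'www-data' "$SUDOERS_DIR" 2>/dev/null | while read -r f; do
        echo "NOTE: sudo rule for www-data present in $f"
    done
    return $rc
}

# Run the audit only when executed directly, so the functions can be sourced elsewhere.
[ "${0##*/}" = "pihole_cve_2020_11108_audit.sh" ] && audit
```

Save it as pihole_cve_2020_11108_audit.sh and run it as a user that can read the web directory; the sudoers check needs root to produce output, and a non-zero exit means at least one finding was printed. The version comparison relies on `sort -V`, so it handles three-part versions such as 4.3.2 without any extra parsing.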

Weakness Enumeration

Unrestricted File Upload

Related Identifiers

CVE-2020-11108

Affected Products

Pi-Hole