Unrated severityNVD Advisory· Published Jul 30, 2020· Updated Aug 4, 2024
CVE-2020-14162
CVE-2020-14162
Description
An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Pi-Hole/Pi-Holedescription
Patches
Vulnerability mechanics
References
2- 0xpanic.github.io/2020/07/21/Pihole.htmlmitrex_refsource_MISC
- docs.pi-hole.net/core/pihole-command/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.