CVE-2020-8816 – Pi-hole Remote Code Execution
https://natedotred.wordpress.com/2020/03/28/cve-2020-8816-pi-hole-remote-code-execution/ [natedotred.wordpress.com]
2020-05-28 17:33
Pi-hole is affected by a Remote Code Execution vulnerability. An authenticated user of the Web portal can execute arbitrary command with the underlying server with the privileges of the local user executing the service. Exploitation of this vulnerability can be automated.
Neat trick to get around input restrictions:
Luckily for us, the PATH contains the strings “pihole” and “usr” which in turn contains the “p”, “h” and “r” lower-case characters. Those are the only letters we need to write “php -r”.
source: HN