Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2019-13051

Published: 09/10/2019 Updated: 11/10/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Pi-hole

Vulnerability Summary

Pi-Hole 4.3 allows Command Injection.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

pi-hole pi-hole 4.3

Github Repositories

https://github.com/pr0tean/CVE-2019-13051

Pi-Hole < 432 Command Injection & PrivEsc (CVE-2019-13051) Pi-Hole version 432 contains a patch to this vulnerability: pi-hole/web#974 A big thanks to the Pi-Hole dev team for their awesome project and for making it so easy to report this vulnerability! Executive Summary It is possible to remotely gain root access on the RaspberyPi device (or whichever device

References

CWE-78https://pi-hole.net/2019/09/21/pi-hole-4-3-2-release-notes/https://github.com/pi-hole/AdminLTE/pull/974https://github.com/pi-hole/pi-hole/commits/masterhttps://pi-hole.net/blog/https://nvd.nist.govhttps://github.com/pr0tean/CVE-2019-13051
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook