CVE-2020-8816 PoC — Pi-hole 操作系统命令注入漏洞

Source

https://github.com/cybervaca/CVE-2020-8816

Associated Vulnerability

Title:Pi-hole 操作系统命令注入漏洞 (CVE-2020-8816)
Description:Pi-hole是Pi-hole公司的一款网络级广告拦截应用程序。 Pi-hole Web interface 4.3.2及之前版本中存在安全漏洞。攻击者可利用该漏洞执行任意命令。

Description

Pi-hole Remote Code Execution authenticated Version >= 4.3.2

Readme

# CVE-2020-8816
Pi-hole Remote Code Execution authenticated Version >= 4.3.2

# Usage 

python3 CVE-2020-8816.py -u http://10.10.10.10 -i 10.10.14.172 -p 1337 -pass admin

# Example

 ![](example.png)

# More info

https://natedotred.wordpress.com/2020/03/28/cve-2020-8816-pi-hole-remote-code-execution/

File Snapshot


 [4.0K]  /data/pocs/6616b4b89eed85677cc194123f0eeea82af654d6
├── [4.1K]  CVE-2020-8816.py
├── [ 40K]  example.png
└── [ 304]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!