NVD - CVE-2024-28247 (2024)

Table of Contents
Description Metrics References to Advisories, Solutions, and Tools Weakness Enumeration Change History

Awaiting Analysis

This vulnerability is currently awaiting analysis.

Description

The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs from behind, reading files is done as a privileged user.If the URL that is in the list of "Adslists" begins with "file*" it is understood that it is updating from a local file, on the other hand if it does not begin with "file*" depending on the state of the response it does one thing or another. The problem resides in the update through local files. When updating from a file which contains non-domain lines, 5 of the non-domain lines are printed on the screen, so if you provide it with any file on the server which contains non-domain lines it will print them on the screen. This vulnerability is fixed by 5.18.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:


NVD - CVE-2024-28247 (1)

NIST:NVD

N/A

NVD assessment not yet provided.

See Also
Overview - Pi-hole documentationIPsec vs. WireGuard · TailscalepiHole cripples internet speedMonitor and get list of URLs of websites visited?

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Hyperlink Resource
https://github.com/pi-hole/pi-hole/commit/f3af03174e676c20e502a92ed7842159f2fdeb7e
https://github.com/pi-hole/pi-hole/security/advisories/GHSA-95g6-7q26-mp9x

Weakness Enumeration

CWE-ID CWE Name Source
CWE-269 Improper Privilege Management GitHub, Inc.  
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor GitHub, Inc.  

Change History

2 change records found show changes

NVD - CVE-2024-28247 (2024)
Top Articles
Dutch Drinks
Barchart.com | Commodity, Stock, and Currency Quotes, Charts, News & Analysis
Funny Roblox Id Codes 2023
Bj 사슴이 분수
My E Chart Elliot
Www.craigslist Virginia
East Cocalico Police Department
Jonathon Kinchen Net Worth
St Petersburg Craigslist Pets
America Cuevas Desnuda
The Realcaca Girl Leaked
Barstool Sports Gif
What's New on Hulu in October 2023
Pollen Count Los Altos
What is the surrender charge on life insurance?
Breakroom Bw
104 Whiley Road Lancaster Ohio
Viha Email Login
Log in or sign up to view
Hdmovie2 Sbs
*Price Lowered! This weekend ONLY* 2006 VTX1300R, windshield & hard bags, low mi - motorcycles/scooters - by owner -...
Joan M. Wallace - Baker Swan Funeral Home
Teen Vogue Video Series
Loslaten met de Sedona methode
Kirk Franklin Mother Debra Jones Age
Hdmovie2 Sbs
Is Henry Dicarlo Leaving Ktla
Lacey Costco Gas Price
The Goonies Showtimes Near Marcus Rosemount Cinema
Rainfall Map Oklahoma
031515 828
Barbie Showtimes Near Lucas Cinemas Albertville
The Ultimate Guide to Obtaining Bark in Conan Exiles: Tips and Tricks for the Best Results
Rust Belt Revival Auctions
Craigslist Mount Pocono
Bbc Gahuzamiryango Live
Ashoke K Maitra. Adviser to CMD's. Received Lifetime Achievement Award in HRD on LinkedIn: #hr #hrd #coaching #mentoring #career #jobs #mba #mbafreshers #sales…
Bob And Jeff's Monticello Fl
Dinar Detectives Cracking the Code of the Iraqi Dinar Market
Ethan Cutkosky co*ck
Wordle Feb 27 Mashable
Juiced Banned Ad
2Nd Corinthians 5 Nlt
Sara Carter Fox News Photos
Rise Meadville Reviews
Value Village Silver Spring Photos
Bf273-11K-Cl
Product Test Drive: Garnier BB Cream vs. Garnier BB Cream For Combo/Oily Skin
Pelican Denville Nj
sin city jili
Affidea ExpressCare - Affidea Ireland
Latest Posts
Is my Home an Asset or Liability? | SingCapital| SingCapital
Sharetipsinfo.com
Article information

Author: Mr. See Jast

Last Updated:

Views: 6408

Rating: 4.4 / 5 (75 voted)

Reviews: 82% of readers found this page helpful

Author information

Name: Mr. See Jast

Birthday: 1999-07-30

Address: 8409 Megan Mountain, New Mathew, MT 44997-8193

Phone: +5023589614038

Job: Chief Executive

Hobby: Leather crafting, Flag Football, Candle making, Flying, Poi, Gunsmithing, Swimming

Introduction: My name is Mr. See Jast, I am a open, jolly, gorgeous, courageous, inexpensive, friendly, homely person who loves writing and wants to share my knowledge and understanding with you.