Pi-Hole versions 3.0 through 5.3 allow command-line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing them to sed. When executed as the www-data user, this allows privilege escalation to root, since www-data is listed in the sudoers.d/pihole file with no password required.
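The missing parameter validation, sketched as an added example (this is not Pi-hole's own code or its actual fix): the function names, the "IP hostname" line format and the sample data are assumptions. It allowlists both arguments and swaps sed for a fixed-string `grep`, so the values are only ever treated as data.

```shell
#!/bin/sh
# Added example. Function names and the "IP hostname" line format are assumptions.
LC_ALL=C; export LC_ALL   # make the A-Z / 0-9 ranges byte-exact

is_valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac   # digits and dots only (rejects newlines too)
    o='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
    printf '%s\n' "$1" | grep -Eqx "$o(\.$o){3}"
}

is_valid_hostname() {
    case $1 in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac   # strict character allowlist
    [ "${#1}" -le 253 ] || return 1
    l='[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
    printf '%s\n' "$1" | grep -Eqx "$l(\.$l)*"
}

# remove_custom_dns_entry FILE IP HOST
# Returns 2 on rejected input, without touching FILE.
remove_custom_dns_entry() {
    file=$1 ip=$2 host=$3
    is_valid_ipv4 "$ip" && is_valid_hostname "$host" || return 2
    tmp=$(mktemp) || return 1
    # -F fixed string, -x whole line: the values are data, never a pattern or script.
    grep -vxF -- "$ip $host" "$file" > "$tmp" || [ "$?" -eq 1 ] || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Constructed sample data, not taken from a real installation.
demo() {
    f=$(mktemp)
    printf '%s\n' '192.168.1.10 nas.lan' '192.168.1.11 printer.lan' > "$f"
    remove_custom_dns_entry "$f" '192.168.1.10' 'nas.lan'
    remove_custom_dns_entry "$f" '192.168.1.11' 'printer.lan;x' || echo "rejected: rc=$?"
    cat "$f"; rm -f "$f"
}
demo
```

The same checks belong in front of any helper that www-data can reach through a passwordless sudoers entry, because that entry makes every unvalidated argument root-level input.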
