KEVIntel
CVSS 9.1 Critical

CVE-2020-8816

PUBLISHED

Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.

Exploited in the wild · Remote · Low complexity · No user interaction
Vendor: Pi-hole
Product: Pi-hole Web
Published: May 29, 2020


Tags: cisa, metasploit

CVSS scores

CVSS v3.0 9.1 Critical

CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N

Exploitation status

Exploited in the wild

Recorded 2021-12-10 00:00:00 UTC

SSVC decision points

Exploitation: active
Automatable: No
Technical impact: total

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Dec 10, 2021

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

pihole_dhcp_mac_exec

metasploit · Created Unknown

Metasploit module for CVE-2020-8816

team0se7en/CVE-2020-8816

github · Created 2020-08-06 14:04:54 UTC · 6 stars

Pi-hole ( <= 4.3.2) authenticated remote code execution.

cybervaca/CVE-2020-8816

github · Created 2020-08-04 10:23:28 UTC · 12 stars

Pi-hole Remote Code Execution authenticated Version >= 4.3.2

martinsohn/CVE-2020-8816

github · Created 2020-06-15 18:24:19 UTC · 1 star

A PoC for CVE-2020-8816 that does not use $PATH but $PWD and globbing

AndreyRainchik/CVE-2020-8816

github · Created 2020-05-10 01:12:28 UTC · 10 stars

A Python script to exploit CVE-2020-8816, a remote code execution vulnerability on the Pi-hole

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Metasploit