Today > | 2 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-44069

Aug. 19, 2024, 12:59 p.m.

Product(s) Impacted

Pi-hole

  • before 6

Description

Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= calls to change the temperature units of the web dashboard. NOTE: the supplier reportedly does "not consider the bug a security issue" but the specific motivation for letting arbitrary persons change the value (Celsius, Fahrenheit, or Kelvin), seen by the device owner, is unclear.

Weaknesses

Date

Published: Aug. 19, 2024, 2:15 a.m.

Last Modified: Aug. 19, 2024, 12:59 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References