CNNVD-202507-322 Information

CNNVD ID

CNNVD-202507-322

Related CVE

CVE-2025-34087

• CNNVD Published: 2025-07-03

Description (Chinese)

Pi-hole是Pi-hole公司的一款网络级广告拦截应用程序。 Pi-hole 3.3及之前版本存在操作系统命令注入漏洞，该漏洞源于添加域名到允许列表时参数清理不当，可能导致命令注入。

Description (English)

Pi-hole is a network-level advertising interdiction application for Pi-hole. Pi-hole 3.3 and earlier versions of the operating system commands inject a loophole, which results from an inappropriate clearance of parameters between the addition of domain names and the permitted list, which may lead to the injection of the command.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

Pi-hole

Published

2025-07-03

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-34087

Patch

https://github.com/pi-hole/web/releases