CNNVD-202510-3481 Information

CNNVD ID

CNNVD-202510-3481

Related CVE

CVE-2025-59151

• CNNVD Published: 2025-10-27

Description (Chinese)

Pi-Hole Adminlte是一个控制面板。用于统计更多数据。 Pi-Hole Adminlte 6.3之前版本存在注入漏洞，该漏洞源于对.lp扩展名文件的请求重定向时未正确清理输入，可能导致CRLF注入攻击。

Description (English)

Pi-Hole Adminlte is a control panel. For more data. Pi-Hole Adminlte 6.3 had an injection loophole, which stemmed from an incorrect clean-up of input when re-orienting requests for .lp extension files, which could lead to an attack by CRLF.

Hazard Level

Medium

Vulnerability Type

注入

Affected Vendor

个人开发者

Published

2025-10-27

Last Modified

2026-02-24

References

https://github.com/pi-hole/web/security/advisories/GHSA-5v79-p56f-x7c4 https://access.redhat.com/security/cve/cve-2025-59151

Patch

https://pi-hole.net/