← Back to CVE List

CVE-2022-23513

Published: 2022-12-23T00:15Z
Last Modified: 2025-04-11T14:48Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on `queryads` endpoint. In the case of application, this vulnerability exists because of a lack of validation in code on a root server path: `/admin/scripts/pi-hole/phpqueryads.php.` Potential threat actor(s) are able to perform an unauthorized query search in blocked domain lists. This could lead to the disclosure for any victims' personal blacklists. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt