NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-44069

Summary	Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= calls to change the temperature units of the web dashboard. NOTE: the supplier reportedly does "not consider the bug a security issue" but the specific motivation for letting arbitrary persons change the value (Celsius, Fahrenheit, or Kelvin), seen by the device owner, is unclear.
Publication Date	Aug. 19, 2024, 11:15 a.m.
Registration Date	Aug. 26, 2024, 5 p.m.
Last Update	Oct. 30, 2024, 6:35 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/pi-hole/web/pull/3077
2	https://www.kiyell.com/The-Harmless-Pihole-Bug/

Common Vulnerabilities List

JVN Vulnerability Information

Pi-hole における認証の欠如に関する脆弱性

Title	Pi-hole における認証の欠如に関する脆弱性
Summary	Pi-hole には、認証の欠如に関する脆弱性が存在します。
Possible impacts	情報を改ざんされる可能性があります。
Solution	参考情報を参照して適切な対策を実施してください。
Publication Date	Aug. 19, 2024, midnight
Registration Date	Oct. 15, 2025, 5:23 p.m.
Last Update	Oct. 15, 2025, 5:23 p.m.

Affected System

Pi-hole

Pi-hole 6.0 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-44069	https://www.cve.org/CVERecord?id=CVE-2024-44069
National Vulnerability Database (NVD)
2	CVE-2024-44069	https://nvd.nist.gov/vuln/detail/CVE-2024-44069

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-862	https://cwe.mitre.org/data/definitions/862.html

その他

No	Name	URL
関連文書
1	github.com (pull/3077)	https://github.com/pi-hole/web/pull/3077
2	www.kiyell.com (The-Harmless-Pihole-Bug)	https://www.kiyell.com/The-Harmless-Pihole-Bug/

Change Log

No	Changed Details	Date of change
1	[2025年10月15日] 掲載	Oct. 15, 2025, 5:23 p.m.