cvedb.io
CVE-2024-44069
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2024-08-19T02:15:04.437 · Last modified 2026-06-17T07:52:15.243

Summary

Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= calls to change the temperature units of the web dashboard. NOTE: the supplier reportedly does "not consider the bug a security issue" but the specific motivation for letting arbitrary persons change the value (Celsius, Fahrenheit, or Kelvin), seen by the device owner, is unclear.

Affected products

pi-hole — pi-hole

Does this affect you?

Add your gear to cvedb and we'll alert you only when pi-hole ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.