CVE-2020-8816
Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.
Date published : 2020-05-29
http://packetstormsecurity.com/files/157861/Pi-Hole-4.3.2-DHCP-MAC-OS-Command-Execution.html
http://packetstormsecurity.com/files/158737/Pi-hole-4.3.2-Remote-Code-Execution.html