Lucene search
HistoryDec 20, 2022 - 3:15 p.m.
CVE-2022-40624
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.972 High
EPSS
Percentile
99.8%
pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814.
Affected configurations
Node
pfsensepfblockerngRange<2.1.4_27
Related
prion
prion
Design/Logic Flaw
2022-12-20 15:15:00
Design/Logic Flaw
2022-09-05 16:15:00
cvelist
cvelist
CVE-2022-40624
2022-12-20 00:00:00
CVE-2022-31814
2022-09-05 00:00:00
cve
cve
CVE-2022-40624
2022-12-20 15:15:11
CVE-2022-31814
2022-09-05 16:15:08
githubexploit
githubexploit
Exploit for OS Command Injection in Netgate Pfblockerng
2023-03-26 00:18:04
Exploit for OS Command Injection in Netgate Pfblockerng
2023-03-05 00:56:14
Exploit for OS Command Injection in Netgate Pfblockerng
2023-03-01 13:24:29
zdt
zdt
pfSense pfBlockerNG 2.1.4_26 Shell Upload Exploit
2022-10-17 00:00:00
pfBlockerNG 2.1.4_26 - Remote Code Execution Exploit
2023-02-21 00:00:00
packetstorm
packetstorm
pfBlockerNG 2.1.4_26 Remote Code Execution
2023-02-27 00:00:00
pfSense pfBlockerNG 2.1.4_26 Shell Upload
2022-10-17 00:00:00
nvd
nvd
CVE-2022-31814
2022-09-05 16:15:08
vulnrichment
vulnrichment
CVE-2022-31814
2022-09-05 00:00:00
nuclei
nuclei
pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection
2022-09-19 14:12:25
exploitdb
exploitdb
pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)
2023-02-20 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2022-10-14 17:03:46
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.972 High
EPSS
Percentile
99.8%
Related for NVD:CVE-2022-40624