Lucene search
MitreVULNRICHMENT:CVE-2022-31814HistorySep 05, 2022 - 12:00 a.m.
CVE-2022-31814
2022-09-0500:00:00
mitre
github.com
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
References
packetstormsecurity.com/files/168743/pfSense-pfBlockerNG-2.1.4_26-Shell-Upload.html
packetstormsecurity.com/files/171123/pfBlockerNG-2.1.4_26-Remote-Code-Execution.html
docs.netgate.com/pfsense/en/latest/packages/pfblocker.html
github.com/pfsense/FreeBSD-ports/pull/1169
github.com/pfsense/FreeBSD-ports/pull/1169/commits/071bdcf2d918c3e51cde11cf81fbd9b6f0379d7e
www.ihteam.net/advisory/pfblockerng-unauth-rce-vulnerability/
Related
githubexploit
githubexploit
Exploit for OS Command Injection in Netgate Pfblockerng
2023-03-26 00:18:04
Exploit for OS Command Injection in Netgate Pfblockerng
2023-03-01 13:24:29
Exploit for OS Command Injection in Netgate Pfblockerng
2023-03-05 00:56:14
cvelist
cvelist
CVE-2022-31814
2022-09-05 00:00:00
CVE-2022-40624
2022-12-20 00:00:00
cve
cve
CVE-2022-31814
2022-09-05 16:15:08
CVE-2022-40624
2022-12-20 15:15:11
nuclei
nuclei
pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection
2022-09-19 14:12:25
packetstorm
packetstorm
pfSense pfBlockerNG 2.1.4_26 Shell Upload
2022-10-17 00:00:00
pfBlockerNG 2.1.4_26 Remote Code Execution
2023-02-27 00:00:00
zdt
zdt
pfBlockerNG 2.1.4_26 - Remote Code Execution Exploit
2023-02-21 00:00:00
pfSense pfBlockerNG 2.1.4_26 Shell Upload Exploit
2022-10-17 00:00:00
prion
prion
Design/Logic Flaw
2022-09-05 16:15:00
Design/Logic Flaw
2022-12-20 15:15:00
nvd
nvd
CVE-2022-31814
2022-09-05 16:15:08
CVE-2022-40624
2022-12-20 15:15:11
exploitdb
exploitdb
pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)
2023-02-20 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2022-10-14 17:03:46
7.8 High
AI Score
Confidence
Low
0.972 High
EPSS
Percentile
99.8%
Related for VULNRICHMENT:CVE-2022-31814