5 matches found
pfSense pfBlockerNG - OS Command Injection
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header. id: CVE-2022-40624 info: name: pfSense pfBlockerNG - OS Command Injection author: ritikchaddha severity: critical description: | pfSense pfBlockerNG through 2.1.427 allow...
CVE-2022-40624
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814...
CVE-2022-40624
creationtimestamp| type| source ---|---|--- 2025-01-16 09:28:22+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-40624.yaml 2025-01-20 21:02:00+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lg7ad5doee27...
CVE-2022-40624
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814...
CVE-2022-40624
pfSense pfBlockerNG is vulnerable through pfBlockerNG versions up to 2.1.4_27 to OS command injection via the HTTP Host header, allowing remote execution with root privileges. The issue affects pfBlockerNG components handling Host header input and can lead to full compromise of affected systems (...