4 matches found
CVE-2022-31814
pfSense pfBlockerNG through 2.1.426 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected...
pfSense plugin pfBlockerNG unauthenticated RCE as root
pfBlockerNG is a popular pfSense plugin that is not installed by default. It's generally used to block inbound connections from whole countries or IP ranges. Versions 2.1.426 and below are affected by an unauthenticated RCE vulnerability that results in root access. Note that version 3.x is...
CVE-2022-31814
pfSense pfBlockerNG through 2.1.426 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected...
pfSense 操作系统命令注入漏洞
pfSense is a set of network firewalls for FreeBSD Linux. A security vulnerability exists in pfSense pfBlockerNG prior to version 2.1.426. A remote attacker could execute arbitrary operating system commands as root via shell metacharacters in the HTTP host header...