CVE-2022-31814
pfBlockerNG for pfSense (pfBlockerNG) up to version 2.1.4_26 is vulnerable to OS command injection leading to root remote code execution via shell metacharacters in the HTTP Host header. 3.x is unaffected. Affected component: pfBlockerNG (pfSense package). Exploitation has been demonstrated in pu...