CVE-2022-31814

Scores

EPSS Score

0.9439

CVSS

3.x 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

All CVSS Scores

CVSS 4.0

0.0

CVSS 3.x

9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0

0.0

Description

pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.

Sources

nvd

CWEs

CWE-78

Exploits

Exploit ID: 51032

Source: exploitdb

URL: https://www.exploit-db.com/exploits/51032

Exploit ID: CVE-2022-31814

Source: github-poc

URL: https://github.com/SystemVll/CVE-2022-31814

Reference Links

http://packetstormsecurity.com/files/168743/pfSense-pfBlockerNG-2.1.4_26-Shell-Upload.html

http://packetstormsecurity.com/files/171123/pfBlockerNG-2.1.4_26-Remote-Code-Execution.html

https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html

https://github.com/pfsense/FreeBSD-ports/pull/1169

https://github.com/pfsense/FreeBSD-ports/pull/1169/commits/071bdcf2d918c3e51cde11cf81fbd9b6f0379d7e

https://www.ihteam.net/advisory/pfblockerng-unauth-rce-vulnerability/

Vulnerable Software

Type: Configuration

Vendor: netgate

Product: pfblockerng

Operating System: * * *

Trait:

{
  "cpe_match": [
    {
      "cpe23uri": "cpe:2.3:a:netgate:pfblockerng:*:*:*:*:*:pfsense:*:*",
      "versionEndIncluding": "2.1.4_26",
      "vulnerable": true
    }
  ],
  "operator": "OR"
}

Source: nvd