CVE-2022-31814


Basic Information

CVE State
PUBLISHED
Reserved Date
May 31, 2022
Published Date
September 05, 2022
Last Updated
August 03, 2024
Vendor
n/a
Product
n/a
Description
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
Tags
nuclei_scanner

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
poc
Automatable
Yes
Technical Impact
total

Exploit Status

Proof of Concept Available
Yes (added 2024-07-23 09:44:46 UTC)

Known Exploited Vulnerability Information

Source
The Shadowserver (via CIRCL)
Added Date
2025-12-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

pfsense_pfblockerng_webshell

Type: metasploit • Created: Unknown

Metasploit module for CVE-2022-31814

Laburity/CVE-2022-31814

Type: github • Created: 2024-07-23 09:44:46 UTC • Stars: 23

Updated Exploit - pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)

Chocapikk/CVE-2022-31814

Type: github • Created: 2023-03-26 00:18:04 UTC • Stars: 3

pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Proof of Concept Exploit Available

  • Detected by Nuclei

  • Detected by Metasploit

  • Added to KEVIntel