Reworked and optimized exploit script of pfBlockerNG 2.1.4_26 vulnerability
Exploit Title: pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)
Shodan Results:
https://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22
Date: 5th of September 2022
Exploit Author: IHTeam
Vendor Homepage: https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html
Software Link: https://github.com/pfsense/FreeBSD-ports/pull/1169
Version: 2.1.4_26
Tested on: pfSense 2.6.0
CVE : CVE-2022-31814
Original Advisory: https://www.ihteam.net/advisory/pfblockerng-unauth-rce-vulnerability/
-
Notifications
You must be signed in to change notification settings - Fork 0
License
TheUnknownSoul/CVE-2022-31814
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
About
No description, website, or topics provided.
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published