exploitDog

GHSA-crg2-7qxv-74jh

Опубликовано: 20 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814.

pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814.

Ссылки

EPSS

Процентиль: 100%

0.90922

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2022-40624

CVSS3: 9.8

nvd

около 3 лет назад

pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814.

EPSS

Процентиль: 100%

0.90922

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78