exploitdb
WORKING POC
by IHTeam · pythonwebappsphp
https://www.exploit-db.com/exploits/51032
This exploit leverages a command injection vulnerability in pfBlockerNG via the Host header to upload a PHP shell, achieving unauthenticated remote code execution. The shell is then used to execute arbitrary commands on the target system.
Classification
Working Poc 95%
Target:
pfBlockerNG <= 2.1.4_26
No auth needed
Prerequisites:
Target must have pfBlockerNG installed and accessible · Python3 environment for the exploit
nomisec
WORKING POC
23 stars
by Laburity · remote
https://github.com/Laburity/CVE-2022-31814
This is a functional exploit for CVE-2022-31814, targeting pfBlockerNG <= 2.1.4_26. It achieves unauthenticated remote code execution by injecting malicious payloads via the Host header, uploading a PHP shell, and providing an interactive shell.
Classification
Working Poc 95%
Target:
pfBlockerNG <= 2.1.4_26 on pfSense
No auth needed
Prerequisites:
Target must have pfBlockerNG <= 2.1.4_26 installed · Network access to the target's web interface
nomisec
WORKING POC
4 stars
by EvergreenCartoons · remote
https://github.com/EvergreenCartoons/SenselessViolence
This repository contains a Python-based exploitation toolkit for CVE-2022-31814, a remote command injection vulnerability in pfSense pfBlockerNG <= 2.1.4_26. It includes modes for passive/active vulnerability checks, exploitation, and cleanup, with a focus on reliability and log wiping.
Classification
Working Poc 95%
Target:
pfSense pfBlockerNG <= 2.1.4_26
No auth needed
Prerequisites:
Network access to the target pfSense instance · Vulnerable pfBlockerNG plugin installed
nomisec
WORKING POC
3 stars
by Chocapikk · remote
https://github.com/Chocapikk/CVE-2022-31814
This is a functional exploit for CVE-2022-31814, targeting pfBlockerNG <= 2.1.4_26. It achieves unauthenticated remote code execution by uploading a shell via a crafted HTTP request and executing arbitrary commands.
Classification
Working Poc 95%
Target:
pfBlockerNG <= 2.1.4_26
No auth needed
Prerequisites:
Network access to the target pfSense/pfBlockerNG instance · Python 3.x with requests and concurrent.futures modules
nomisec
WORKING POC
2 stars
by drcayber · remote
https://github.com/drcayber/RCE
This exploit leverages a command injection vulnerability in pfBlockerNG <= 2.1.4_26 via the Host header to achieve unauthenticated remote code execution (RCE). It uploads a PHP shell and provides an interactive command interface.
Classification
Working Poc 95%
Target:
pfBlockerNG <= 2.1.4_26
No auth needed
Prerequisites:
Target must have pfBlockerNG installed and accessible · Python 3.x environment for execution
nomisec
WORKING POC
1 stars
by SystemVll · remote
https://github.com/SystemVll/CVE-2022-31814
This Python script exploits CVE-2022-31814 in pfSense by uploading a PHP shell via a command injection vulnerability in pfBlockerNG, executing arbitrary commands, and then cleaning up the shell. It targets unauthenticated RCE by leveraging a malicious Host header.
Classification
Working Poc 95%
Target:
pfSense with pfBlockerNG (versions affected by CVE-2022-31814)
No auth needed
Prerequisites:
pfBlockerNG installed on target pfSense instance · Network access to the pfSense web interface
nomisec
WORKING POC
1 stars
by dkstar11q · remote
https://github.com/dkstar11q/CVE-2022-31814
This is a functional proof-of-concept exploit for CVE-2022-31814, targeting pfBlockerNG <= 2.1.4_26. It achieves unauthenticated remote code execution by uploading a shell via a command injection vulnerability in the Host header, then executing arbitrary commands.
Classification
Working Poc 95%
Target:
pfBlockerNG <= 2.1.4_26
No auth needed
Prerequisites:
Target must have pfBlockerNG <= 2.1.4_26 installed · Network access to the target's web interface
nomisec
WORKING POC
1 stars
by TheUnknownSoul · remote
https://github.com/TheUnknownSoul/CVE-2022-31814
This is a functional exploit for CVE-2022-31814, targeting pfBlockerNG <= 2.1.4_26. It achieves unauthenticated RCE by injecting a malicious Host header to upload a PHP shell, then interacts with it for command execution.
Classification
Working Poc 95%
Target:
pfBlockerNG <= 2.1.4_26 on pfSense
No auth needed
Prerequisites:
Target must have pfBlockerNG installed and accessible · Python 3.x with requests library
nomisec
WORKING POC
by ArunHAtter · remote
https://github.com/ArunHAtter/CVE-2022-31814
This is a functional exploit for CVE-2022-31814, targeting pfBlockerNG <= 2.1.4_26. It achieves unauthenticated remote code execution by injecting a malicious payload via the Host header, uploading a PHP shell, and providing an interactive shell.
Classification
Working Poc 95%
Target:
pfBlockerNG <= 2.1.4_26
No auth needed
Prerequisites:
Target URL(s) with pfBlockerNG installed · Network access to the target · Python 3.x with requests library
nomisec
STUB
by Madliife0 · poc
https://github.com/Madliife0/CVE-2022-31814
The repository contains only a README.md file with a CVE identifier and no exploit code or technical details. It appears to be a placeholder or incomplete submission.
Target:
unknown
No auth needed
metasploit
WORKING POC
GREAT
by IHTeam, jheysel-r7 · rubypocunix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/pfsense_pfblockerng_webshell.rb
This Metasploit module exploits an unauthenticated RCE vulnerability in pfSense's pfBlockerNG plugin (CVE-2022-31814) by injecting a PHP webshell via a malformed Host header, allowing root command execution.
Classification
Working Poc 100%
Target:
pfSense pfBlockerNG plugin versions 2.1.4_26 and below
No auth needed
Prerequisites:
Target must have pfBlockerNG plugin installed and vulnerable version · Network access to pfSense web interface (port 443)