CVE-2022-31814 - pfSense Unauthenticated Remote Code Execution in pfBlockerNG Package

Oct 2, 2025 · 1 min read · Vulnerability Command injection vulnerability exists in index.php of pfBlockerNG. Host header, which is user input, is entered into exec. <?php /* index.php pfBlockerNG (DNSBL) Copyright (c) 2015-2016 BBcan177@gmail.com All rights re...