这是您想要的页面. 查看搜索结果:

在线咨询

联系是德科技

欢迎

您已使用以下登录名称 :

我的个人信息
退出

请确认

Confirm your country to access relevant pricing, special offers, events, and contact information.

您希望搜索哪方面的内容？

Pro Oscilloscopes Handheld Spectrum Analyzers Compact Signal Generators 寻找解决方案需要技术支持参加课程查找活动原厂翻新仪器 KeysightCare 在线购买

No product matches found - System Exception

pfSense pfBlockerNG Host Header Command Injection

Strike ID:

E23-epv41

CVSS:

9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

False Positive:

f

Variants:

2

Year:

2022

Description

This strike exploits a command injection vulnerability in Netgate pfSense pfBlockerNG. This vulnerability is due to improper input validation for the Host HTTP header. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successfully exploiting this vulnerability could result in OS command injection in the context of root.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40624

References

https://github.com/dhammon/pfBlockerNg-CVE-2022-40624