Critical pfSense Firewall Vulnerability Exposes Remote Code Execution Risk


A critical vulnerability in the popular open-source firewall software pfSense, identified as CVE-2022-31814, has been discovered, enabling remote code execution (RCE) attacks. This vulnerability specifically affects installations using the pfBlockerNG package. pfSense, based on FreeBSD, is celebrated for its enterprise-grade features and security, managed through a web interface. The vulnerability came to light during a security audit, with initial exploit attempts thwarted by version discrepancies in Python and PHP on the target system. Researchers overcame these hurdles by modifying the exploit script, successfully executing commands on the server. This exploit, now refined to accommodate different Python and PHP versions, has been shared on GitHub. The incident highlights the critical need for adaptability in security testing, regular updates, and a deep understanding of installed packages to safeguard against potential vulnerabilities. It also emphasizes the importance of community engagement in identifying and mitigating security threats in open-source software.
Read more at Cyber Security News…