{"vulnerability": "CVE-2022-31814", "sightings": [{"uuid": "5980a4fc-2c56-497b-8258-28d43964a678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:46.000000Z"}, {"uuid": "dd2565d7-ff60-4959-bf09-7202290b2fa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "7f84d2f3-37d0-447c-9b64-2246cf9f857b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:16.000000Z"}, {"uuid": "7699dda2-d1a2-4347-87a3-536233926204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/pfsense_pfblockerng_webshell.rb", "content": "", "creation_timestamp": "2022-10-13T02:51:32.000000Z"}, {"uuid": "51d54c27-2f6b-4595-889f-1e82f4c4690d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-02)", "content": "", "creation_timestamp": "2025-12-02T00:00:00.000000Z"}, {"uuid": "9ca45437-edd2-4a09-9154-b391449218c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-17)", "content": "", "creation_timestamp": "2026-02-17T00:00:00.000000Z"}, {"uuid": "b1d7b7d0-c3fc-437b-8c12-001ee10d6f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-03)", "content": "", "creation_timestamp": "2025-12-03T00:00:00.000000Z"}, {"uuid": "7dba6eec-b0e8-4310-8da2-aacf8eb06ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-22)", "content": "", "creation_timestamp": "2026-02-22T00:00:00.000000Z"}, {"uuid": "c6ba809f-6e83-4c95-b71e-4a38aff46096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-23)", "content": "", "creation_timestamp": "2026-02-23T00:00:00.000000Z"}, {"uuid": "b311b61b-971b-4cda-8cf2-15fcf9cc96a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-28)", "content": "", "creation_timestamp": "2026-01-28T00:00:00.000000Z"}, {"uuid": "ffcc54f9-a517-4249-8dd0-1f6dc5ecbc8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "523e40ae-6098-479f-9116-c761a0d02e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-24)", "content": "", "creation_timestamp": "2026-01-24T00:00:00.000000Z"}, {"uuid": "8b1a4a06-1563-448c-bbfa-c8917f20e015", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}, {"uuid": "5972ac60-becc-49f7-95ba-1aca17dd98ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-11)", "content": "", "creation_timestamp": "2026-02-11T00:00:00.000000Z"}, {"uuid": "a1b954ff-deb6-4f9a-b488-a79295a0167a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-12)", "content": "", "creation_timestamp": "2026-03-12T00:00:00.000000Z"}, {"uuid": "692721b7-9205-4dce-b7c5-955513888ae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/127", "content": "Top Security News for 06/09/2022\n\nRansomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus\nhttps://thehackernews.com/2022/09/ransomware-attackers-abuse-genshin.html \n\nSAT/SMT Solvers by Example\nhttps://www.reddit.com/r/netsec/comments/x6y3hk/satsmt_solvers_by_example/ \n\nISC StormCast for Tuesday, September 6th, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8160 \n\nCVE-2022-30190, AKA Follina, Uses Macro-less Word Docs to Drop RCE Files\nhttps://www.reddit.com/r/netsec/comments/x6aqwc/cve202230190_aka_follina_uses_macroless_word_docs/ \n\nPackMyPayload - Emerging Threat of Containerized Malware. It can serve purpose for a Proof-of-Concept presenting emerging risk of container file formats with embedded malware.\nhttps://www.reddit.com/r/Malware/comments/x6xpb4/packmypayload_emerging_threat_of_containerized/ \n\nHacking my Helium Crypto Miner\nhttps://www.reddit.com/r/netsec/comments/x6d97k/hacking_my_helium_crypto_miner/ \n\nJPCERT/CC Releases URL Dataset of Confirmed Phishing Sites\nhttps://malware.news/t/jpcert-cc-releases-url-dataset-of-confirmed-phishing-sites/63125/1 \n\nISC Stormcast For Tuesday, September 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8160, (Tue, Sep 6th)\nhttps://malware.news/t/isc-stormcast-for-tuesday-september-6th-2022-https-isc-sans-edu-podcastdetail-html-id-8160-tue-sep-6th/63123/1 \n\nWalkthrough of an unauthenticated RCE affecting pfBlockerNG <= 2.1.4_26 (CVE-2022-31814)\nhttps://www.reddit.com/r/netsec/comments/x6b5is/walkthrough_of_an_unauthenticated_rce_affecting/ \n\nMicrosoft will disable Basic authentication for Exchange Online in less than a month\nhttps://www.malwarebytes.com/blog/news/2022/09/microsoft-to-disable-basic-auth-for-exchange-online-in-less-than-a-month \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-09-06T14:51:49.000000Z"}, {"uuid": "50cb7624-5b3e-4091-a091-9b97d117b81a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "seen", "source": "Telegram/eXJ6uhsB4kT2KyMwIIgJLCK6BJUbaFQ2cqtfVl9phdXYTZg", "content": "", "creation_timestamp": "2023-03-06T19:04:24.000000Z"}, {"uuid": "04a52d4f-e91d-4ad9-9566-dc1e9ff66e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9010", "content": "Exploiting pfsense Remote Code Execution \u2013 CVE-2022-31814 - Laburity\n\nhttps://laburity.com/exploiting-pfsense-remote-code-execution-cve-2022-31814/", "creation_timestamp": "2024-08-09T09:14:40.000000Z"}, {"uuid": "4acbc447-8703-4b98-9053-40531efe5620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "seen", "source": "https://t.me/CyberBulletin/309", "content": "\u26a1\ufe0fExploiting pfsense Remote Code Execution \u2013 CVE-2022-31814.\n\n#CyberBulletin", "creation_timestamp": "2024-08-09T15:50:50.000000Z"}, {"uuid": "4e47572c-26b1-45e4-aee9-447e9835a2b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "published-proof-of-concept", "source": "Telegram/qbRDczufhEAwfoxE7jsw2afVmX33EpB44LRknpUqHzmwaHs", "content": "", "creation_timestamp": "2025-01-16T22:00:05.000000Z"}, {"uuid": "e032de7f-e3b6-4b4f-b005-2c182db3c56b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31814", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6748", "content": "#exploit\n1. CVE-2022-31814:\npfBlockerNG Unauth RCE Vulnerability\nhttps://www.ihteam.net/advisory/pfblockerng-unauth-rce-vulnerability\n]-> https://github.com/Laburity/CVE-2022-31814\n\n2. Reviving Exploits Against Cred Structs - Six Byte Cross Cache Overflow to Leakless Data-Oriented Kernel Pwnage\nhttps://www.willsroot.io/2022/08/reviving-exploits-against-cred-struct.html\n\n3. CVE-2022-2639:\nLinux kernel openvswitch LPE\nhttps://github.com/veritas501/CVE-2022-2639-PipeVersion", "creation_timestamp": "2025-01-17T05:52:10.000000Z"}]}