all InfoSec news
CVE-2024-4577: Proof of Concept Available for PHP-CGI Argument Injection Vulnerability
June 7, 2024, 5:18 p.m. | Scott Caveza
Cyber Exposure Alerts www.tenable.com
Researchers disclose a critical severity vulnerability affecting PHP installations and provide proof-of-concept exploit code, which could lead to remote code execution.
Background
On June 6, maintainers of PHP released updates to address a critical vulnerability affecting installations where PHP is used in CGI mode. As part of a coordinated release, researchers at DEVCORE published a blog post with their analysis of the vulnerability and its impact.
CVEDescriptionCVSSv3CVE-2024-4577PHP-CGI Argument Injection Vulnerability9.8Analysis
CVE-2024-4577 is a critical argument injection …
More from www.tenable.com / Cyber Exposure Alerts
Jobs in InfoSec / Cybersecurity
Watch Officer and Operations Officer
@ Interclypse | Arlington, VA, US
Sales Development Representative
@ Devo | United States
Principal Software Engineer
@ Oracle | Seattle, WA, United States
Engineering Manager, Cloud - TDIR (Remote)
@ CrowdStrike | USA CA Remote
Linux System Administrator II
@ Peraton | Fort Meade, MD, United States
Linux System Administrator
@ Peraton | Fort Meade, MD, United States