CVE-2024-4577
Critical Severity
Php
Php
SVRS
99/100
CVSSv3
9.8/10
EPSS
0.94376/1
CVE-2024-4577 is a critical vulnerability in PHP affecting Windows systems using Apache and PHP-CGI. This flaw allows a malicious user to execute arbitrary PHP code by manipulating command-line arguments. The SVRS score of 99 indicates an extremely high risk, demanding immediate action. Specifically, when certain code pages are enabled, Windows' "Best-Fit" behavior can be exploited to inject PHP options. This could lead to source code disclosure or complete server compromise. Given its presence "In The Wild," publicly available exploits, inclusion in the CISA KEV catalog, and association with known ransomware campaigns, patching is crucial. Failing to address CVE-2024-4577 can result in severe security breaches and significant data loss.
TAGS
In The Wild
Exploit Avaliable
CISA KEV
Known Ransomware Campaign Use
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:N
S:U
C:H
I:H
A:H
PUBLICATION DATE2024-06-09
LAST MODIFIED2025-03-28
Indicators of Compromise
| Type | Indicator | Date | |
|---|---|---|---|
HASH | 0440b3fbc030233b4e9c6748eba27e4d | 2024-06-18 | |
HASH | 6bef5498c56691553dc95917ff103f5e | 2024-06-18 | |
IP | 2.58.15.118 | 2024-06-18 | |
HASH | 2545129335dbd7263bc3b3337f919fd6 | 2024-07-11 | |
HASH | 262d0c43b9204fdfc4a575bc85d7f019 | 2024-07-11 | |
HASH | 5a9ece853305022172ea59f17802bca4 | 2024-07-11 | |
HASH | 3e2bbe23c90fe761145a984c73aec384cd400f46 | 2024-07-11 |
Exploits
| Title | Software Link | Date |
|---|---|---|
| Junp0/CVE-2024-4577 | https://github.com/Junp0/CVE-2024-4577 | 2024-06-07 |
| 11whoami99/CVE-2024-4577 | https://github.com/11whoami99/CVE-2024-4577 | 2024-06-07 |
| watchtowrlabs/CVE-2024-4577 | https://github.com/watchtowrlabs/CVE-2024-4577 | 2024-06-07 |
| manuelinfosec/CVE-2024-4577 | https://github.com/manuelinfosec/CVE-2024-4577 | 2024-06-08 |
| zomasec/CVE-2024-4577 | https://github.com/zomasec/CVE-2024-4577 | 2024-06-08 |
| ZephrFish/CVE-2024-4577-PHP-RCE | https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE | 2024-06-08 |
| ZephrFish/CVE-2024-4577-PoC | https://github.com/ZephrFish/CVE-2024-4577-PoC | 2024-06-08 |
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs
News
Lockbit Ransomware Hackers Got Hacked Again: Database, Plaintext Passwords Leaked - NewsBreak: Local News & Alerts
2025-05-08
Lockbit Ransomware Hackers Got Hacked Again: Database, Plaintext Passwords Leaked - NewsBreak: Local News & Alerts | News Content: The notorious LockBit ransomware gang, still grappling with the fallout from a significant law enforcement takedown in early 2024, has been dealt another severe blow. On May 7, attackers breached and defaced LockBit’s dark web affiliate panels, leaking a critical MySQL database that lays bare the group’s operational secrets. This latest security failure, as reported by BleepingComputer , exposed an alarming array of sensitive information: nearly 60,000 Bitcoin addresses, detailed configurations for affiliate ransomware builds, over 4,400 private victim negotiation chats
google.com
rss
forum
news
LockBit ransomware group hit by data breach - techzine.eu
2025-05-08
LockBit ransomware group hit by data breach - techzine.eu | News Content: The LockBit ransomware group has itself fallen victim to a data breach after its affiliate panels on the dark web were hacked and provided with a message containing a link to a MySQL database dump. All of the group’s management pages now display the text: Don’t commit crimes. Crimes are bad. Greetings from Prague. The text is accompanied by a download link for a file named paneldb_dump.zip. Threat actor Rey was the first to notice this. The zip file contains an SQL file with a dump of the
php
google.com
rss
forum
Tageszusammenfassung - 10.03.2025
CERT.at2025-05-01
Tageszusammenfassung - 10.03.2025 | End-of-Day report Timeframe: Freitag 07-03-2025 18:00 - Montag 10-03-2025 18:00 Handler: Alexander Riepl Co-Handler: n/a News FTC will send $25.5 million to victims of tech support scams -Later this week, the Federal Trade Commission (FTC) will start distributing over $25.5 million in refunds to those misled by tech support companies Restoro and Reimages scare tactics. https://www.bleepingcomputer.com/news/security/ftc-will-send-255-million-to-victims-of-tech-support-scams/ <
cert.at
rss
forum
news
SOC292 — Possible PHP Injection Detected (CVE-2024–4577) Write-up
Dh2025-04-30
SOC292 — Possible PHP Injection Detected (CVE-2024–4577) Write-up | Hello everyone! Today we are going to do a step-by-step analysis of SOC292-Possible PHP Injection Detected (CVE-2024–4577). Let’s first…Continue reading
medium.com
rss
forum
news
CVE-2024-4577 Exploits in the Wild One Day After Disclosure
Kyle Lefton, Allen West & Sam Tinklenberg2025-04-01
CVE-2024-4577 Exploits in the Wild One Day After Disclosure | Akamai researchers have observed numerous exploit attempts for the PHP vulnerability CVE-2024-4577 as early as one day after disclosure.
feedburner.com
rss
forum
news
ISC StormCast for Monday, June 10th, 2024
Dr. Johannes B. Ullrich2024-06-10
ISC StormCast for Monday, June 10th, 2024 | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. PHP Vulnerablity Exploited; PyTorch RPC Vulnerability; Malicious VSCode ExtensionsPHP Unicode Remote Code Execution Exploit https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ PyTorch Distributed RPC Framework Remote Code Execution https://huntr.com/bounties/39811836-c5b3-4999-831e-46fee8fcade3 https://www.cve.org/CVERecord?id=CVE-2024-5480 Malicious VSCode Extensions Used by
sans.edu
rss
forum
news
ISC StormCast for Wednesday, August 21st, 2024
Dr. Johannes B. Ullrich2024-08-21
ISC StormCast for Wednesday, August 21st, 2024 | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. MSFT IPv6 Vuln Update; MSFT August update and Linux boot issues; php cgi-bin exploited; f5 updatesWhere are we with CVE-2024-38063: Microsoft IPv6 Vulnerability https://isc.sans.edu/diary/Where+are+we+with+CVE202438063+Microsoft+IPv6+Vulnerability/31186 Microsoft August Update Prevents Linux from Booting https://community.frame.work/t/sbat-verification-error-booting-linux-after-windows-update/56354 PHP CGI Vulnerability Exploited CVE-2024-4577 <a href="https://symantec-enterprise-blogs.security.com
sans.edu
rss
forum
news
Social Media
dCypher
@dCypherIO
💥 LockBit ransomware gang hacked
Their dark web site was defaced, leaking a MySQL dump with 75 affiliate passwords, chats, BTC addresses, and configs. The breach (via CVE-2024-4577) adds to LockBit’s post-Cronos downfall.
https://t.co/r5vn93jjUG
#Lockbit #DataLeak #DarkWeb https://t.co/8dGrYAMU1k
0
0
0
Btc Updates
@BtcUpdates21
Everest ransomware's dark web site, suggesting a possible link. The server was also running PHP 8.1.2, which is vulnerable to CVE-2024-4577 — a critical flaw that can allow remote code execution, the outlet said.
1
0
0
Flu Project
@fluproject
🔒¡Alerta de Seguridad!🔒
¿Conoces la nueva vulnerabilidad CVE-2024-4577? 🚨 Esta brecha crítica puede poner en riesgo tus sistemas. No te pierdas nuestro último artículo de Flu Project para saber cómo protegerte y mantener tus datos seguros.
➡️ https://t.co/Ji3wYS2dGI 💻 https://t.co/pNMAJxpbUF
0
0
0
Bryce Kunz
@TweekFawkes
Cybercriminals are now officially pathetic.
They're exploiting a PHP vuln (CVE-2024-4577) and then... fighting EACH OTHER over the compromised servers. 🤦♂️
Using the *same vulnerability* to try and block *rival hackers'* IPs.
This isn't sophisticated cyber warfare. It's idiots https://t.co/U48aIeBchF
0
0
0
Threat Intelligence
@threatintel
#ThreatProtection #CVE-2024-4577 makes a return in recent #malware campaigns. Read more: https://t.co/u2qG0kCBp1 #PHP #vulnerability https://t.co/IGG6YS6CAK
0
0
2
Trellix Advanced Research Center
@TrellixARC
3️⃣ Mass Exploitation Of PHP CGI Vulnerability (CVE-2024-4577)
Threat level: Medium 🟧
CVE-2024-4577, a critical PHP vulnerability affecting Windows CGI implementations, has been under active exploitation since June 2024.
1
0
0
DeepFlow
@DeepFlowcc
Hackers are exploiting a PHP flaw (CVE-2024-4577) to drop crypto miners & RATs like Quasar! Taiwan, HK, Brazil top targets. Some even block rival hackers—talk about cyber turf wars! Patch PHP now & restrict PowerShell. #CyberSecurity #Hacking #Crypto #ThreatIntel
0
0
0
Hunt.io
@Huntio
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners 🚩
https://t.co/kynTNvXZlz
A critical vulnerability in #PHP (CVE-2024-4577) allows attackers to execute arbitrary code on Windows-based systems, leading to the deployment of #QuasarRAT and #XMRig miners.
0
0
0
Sami Laiho
@samilaiho
Escalating Attacks Targeting CVE-2024-4577 in PHP-CGI for Windows - Greenbone https://t.co/w9r1vBu6tg
0
0
0
ProPakistani
@ProPakistaniPK
The National Computer Emergency Response Team (NCERT) has issued an advisory regarding a critical PHP vulnerability, tracked as CVE-2024-4577, which threatens Windows-based systems running in CGI mode.
Read More: https://t.co/DnPLof0pwG https://t.co/Rd1hy5BVIe
0
0
0
Affected Software
Configuration 1
| Type | Vendor | Product | |
|---|---|---|---|
| App | Php | php |
Configuration 2
| Type | Vendor | Product | |
|---|---|---|---|
| OS | Fedoraproject | fedora |
References
| Reference | Link |
|---|---|
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
| [email protected] | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://isc.sans.edu/diary/30994 |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
| [email protected] | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://isc.sans.edu/diary/30994 |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
| [email protected] | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://isc.sans.edu/diary/30994 |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
| [email protected] | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://isc.sans.edu/diary/30994 |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| [email protected] | https://security.netapp.com/advisory/ntap-20240621-0008/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
| AF854A3A-2127-422B-91AE-364DA2661108 | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/11whoami99/CVE-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/rapid7/metasploit-framework/pull/19247 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/watchtowrlabs/CVE-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://isc.sans.edu/diary/30994 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://security.netapp.com/advisory/ntap-20240621-0008/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.1.29 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.2.20 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.3.8 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577 |
| [email protected] | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://isc.sans.edu/diary/30994 |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| [email protected] | https://security.netapp.com/advisory/ntap-20240621-0008/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
| AF854A3A-2127-422B-91AE-364DA2661108 | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://blog.talosintelligence.com/new-persistent-attacks-japan/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/11whoami99/CVE-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/rapid7/metasploit-framework/pull/19247 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/watchtowrlabs/CVE-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://isc.sans.edu/diary/30994 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://security.netapp.com/advisory/ntap-20240621-0008/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.1.29 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.2.20 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.3.8 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577 |
| [email protected] | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://isc.sans.edu/diary/30994 |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| [email protected] | https://security.netapp.com/advisory/ntap-20240621-0008/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
| GITHUB | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| GITHUB | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| GITHUB | https://github.com/11whoami99/CVE-2024-4577 |
| GITHUB | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| GITHUB | https://github.com/watchtowrlabs/CVE-2024-4577 |
| GITHUB | https://isc.sans.edu/diary/30994 |
| GITHUB | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://blog.talosintelligence.com/new-persistent-attacks-japan/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/11whoami99/CVE-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/rapid7/metasploit-framework/pull/19247 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/watchtowrlabs/CVE-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://isc.sans.edu/diary/30994 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://security.netapp.com/advisory/ntap-20240621-0008/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.1.29 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.2.20 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.php.net/ChangeLog-8.php#8.3.8 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577 |
| AF854A3A-2127-422B-91AE-364DA2661108 | https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577 |
| [email protected] | http://www.openwall.com/lists/oss-security/2024/06/07/1 |
| [email protected] | https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ |
| [email protected] | https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html |
| [email protected] | https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately |
| [email protected] | https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ |
| [email protected] | https://github.com/11whoami99/CVE-2024-4577 |
| [email protected] | https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv |
| [email protected] | https://github.com/rapid7/metasploit-framework/pull/19247 |
| [email protected] | https://github.com/watchtowrlabs/CVE-2024-4577 |
| [email protected] | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE |
| [email protected] | https://isc.sans.edu/diary/30994 |
| [email protected] | https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/ |
| [email protected] | https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/ |
| [email protected] | https://security.netapp.com/advisory/ntap-20240621-0008/ |
| [email protected] | https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/ |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.1.29 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.2.20 |
| [email protected] | https://www.php.net/ChangeLog-8.php#8.3.8 |
CWE Details
| CWE ID | CWE Name | Description |
|---|---|---|
| CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
CVE Radar
Real-time CVE Intelligence & Vulnerability Management Platform
CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.
Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence