CVE-2024-4577

NVD Published Date: June 09, 2024 at 08:15 PM
NVD Last Modified: August 14, 2024 at 07:23 PM
Download Patch
Vulnerability ID
CVE-2024-4577
Severity
CRITICAL
Severity Score
9.8
Summary
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Exploits

https://github.com/watchtowrlabs/CVE-2024-4577

https://github.com/xcanwin/CVE-2024-4577-PHP-RCE

https://github.com/TAM-K592/CVE-2024-4577

https://github.com/11whoami99/CVE-2024-4577

https://github.com/Chocapikk/CVE-2024-4577

https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE

https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template

https://github.com/fa-rrel/CVE-2024-4577-RCE

https://github.com/gotr00t0day/CVE-2024-4577

https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT

https://github.com/manuelinfosec/CVE-2024-4577

https://github.com/l0n3m4n/CVE-2024-4577-RCE

https://github.com/waived/CVE-2024-4577-PHP-RCE

https://github.com/TAM-K592/CVE-2024-4577

https://github.com/watchtowrlabs/CVE-2024-4577

https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template

https://github.com/11whoami99/CVE-2024-4577

https://github.com/manuelinfosec/CVE-2024-4577

https://github.com/xcanwin/CVE-2024-4577-PHP-RCE

https://github.com/Chocapikk/CVE-2024-4577

https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE

https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/

https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/

https://github.com/11whoami99/CVE-2024-4577

https://github.com/xcanwin/CVE-2024-4577-PHP-RCE

https://github.com/rapid7/metasploit-framework/pull/19247

https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/

https://github.com/watchtowrlabs/CVE-2024-4577

https://isc.sans.edu/diary/30994

https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

https://isc.sans.edu/diary/Attacker%20Probing%20for%20New%20PHP%20Vulnerablity%20CVE-2024-4577/30994

https://github.com/gotr00t0day/CVE-2024-4577

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/php_cgi_arg_injection_rce_cve_2024_4577.rb

https://github.com/l0n3m4n/CVE-2024-4577-RCE

https://github.com/waived/CVE-2024-4577-PHP-RCE

https://github.com/fa-rrel/CVE-2024-4577-RCE

Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-78

Recent Publish

2024-08 适用于基于 x64 的系统的 Windows Embedded Standard 7 仅安全性质量更新(KB5041823)

2024-08 适用于基于 x64 的系统的 Windows Server 2008 R2 仅安全性质量更新(KB5041823)

2024-08 适用于基于 x86 的系统的 Windows Embedded Standard 7 仅安全性质量更新(KB5041823)

2024-08 适用于基于 x64 的系统的 Windows Server 2012 R2 月度安全质量汇总(KB5041828)

2024-08 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5041838)

2024-08 Security Monthly Quality Rollup for Windows Embedded Standard 7 for x86-based Systems (KB5041838)

See SecOps Solution
in action

Schedule Demo