Suivre
« This vulnerability affects all versions of #PHP installed on the #Windows operating system. » #vuln #threats [ https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ ] #informatique
Reading the blog, it is clear that the bug only affects CGI mode of PHP. In this mode, the webserver parses HTTP requests and passes them to a PHP script, which then performs some processing on them. It introduce an avenue for command injection… [ https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/ ]