VID | 210281 |
Severity | 40 |
Port | 80, ... |
Protocol | TCP |
Class | CGI |
Detailed Description |
PHP 8.1.* before 8.1.29, 8.2.* before 8.2.20, and 8.3.* before 8.3.8 are affected by a critical vulnerability when used with Apache and PHP-CGI on Windows. The issue arises from the "Best-Fit" behavior of encoding conversion in Windows, which can replace characters in the command line given to Win32 API functions. This behavior can cause the PHP CGI module to misinterpret these characters as PHP options, potentially allowing a malicious user to execute arbitrary PHP code or expose the source code of scripts on the server.
This vulnerability is particularly concerning for systems configured with certain code pages such as Traditional Chinese, Simplified Chinese, and Japanese locales. It allows unauthenticated attackers to bypass protections from previous vulnerabilities and perform remote code execution through argument injection attacks. Attack scenarios include configurations running PHP under CGI mode or setups like XAMPP that are vulnerable by default.
* References: https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/
* Platforms Affected: PHP Prior to 8.3.8 Any operating system Any version |
Recommendation |
Upgrade to the latest version of PHP (8.3.8 or later), available from the PHP web site at http://www.php.net/downloads.php |
Related URL | CVE-2024-4577 (CVE) |
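A triage helper for the version ranges in the description above, added here as an example and not part of the original entry or of any scanner's own check. It classifies a `Server` header or `php-cgi -v` line against the fixed releases the entry lists; the function names and the sample banners are constructed for illustration.

```python
import re

# Fixed release per branch, taken from this entry's description:
# 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8.
FIXED = {(8, 1): 29, (8, 2): 20, (8, 3): 8}

# Matches "PHP/8.2.12" (HTTP Server header) and "PHP 8.2.12" (php-cgi -v).
_VERSION = re.compile(r"PHP[/ ](\d+)\.(\d+)\.(\d+)")


def classify(banner):
    """Return (status, version) for one banner line.

    status is 'affected', 'fixed', 'unlisted-branch' or 'no-version'.
    """
    m = _VERSION.search(banner)
    if not m:
        return ("no-version", None)
    major, minor, patch = (int(g) for g in m.groups())
    version = f"{major}.{minor}.{patch}"
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        # The description names only the 8.1, 8.2 and 8.3 branches, so any
        # other branch is reported separately for manual review.
        return ("unlisted-branch", version)
    return ("affected" if patch < fixed_patch else "fixed", version)


def exposure_hints(banner):
    """Flag the conditions the description ties the issue to."""
    return {
        "windows": bool(re.search(r"\bWin(32|64)\b|Windows", banner)),
        "cgi_sapi": "cgi" in banner.lower(),
    }


# Constructed sample banners, not captured from real hosts.
SAMPLES = [
    "Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12",
    "PHP 8.3.8 (cgi-fcgi) (built: Jun  4 2024 00:00:00)",
    "PHP 8.1.28 (cgi-fcgi) (built: Apr  9 2024 00:00:00)",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(classify(line), exposure_hints(line), line)
```

A banner only narrows the list: a host reported as affected still needs its Apache handler configuration checked for PHP-CGI use, and a missing version string says nothing either way.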