Statements (25)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:security
|
gptkbp:affects |
PHP
|
gptkbp:citation |
https://blog.orange.tw/2024/06/php-cgi-argument-injection-en.html
https://nvd.nist.gov/vuln/detail/CVE-2024-4577 https://www.php.net/archive/2024.php#2024-06-06-1 |
gptkbp:CVSSv3_score |
9.8
|
gptkbp:describes |
A vulnerability in PHP CGI that allows remote code execution via argument injection.
|
gptkbp:discoveredBy |
gptkb:Orange_Tsai
|
gptkbp:discoveredIn |
2024
|
gptkbp:enemyOf |
remote code execution
|
gptkbp:exploits |
yes
|
gptkbp:hasCWE |
CWE-88
|
gptkbp:hasSeverity |
critical
|
https://www.w3.org/2000/01/rdf-schema#label |
CVE-2024-4577
|
gptkbp:impact |
system compromise
arbitrary code execution |
gptkbp:patchedBy |
PHP 8.1.29
PHP 8.2.20 PHP 8.3.8 |
gptkbp:publicationDate |
2024-06-06
|
gptkbp:vectorFor |
gptkb:network_protocol
|
gptkbp:vulnerableConfiguration |
PHP running in CGI mode on Windows
|
gptkbp:vulnerableTo |
gptkb:CVE-2024-4577
|
gptkbp:bfsParent |
gptkb:APT3
|
gptkbp:bfsLayer |
7
|