CVE-2024-4577

GPTKB entity

Statements (25)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:affects PHP
gptkbp:citation https://blog.orange.tw/2024/06/php-cgi-argument-injection-en.html
https://nvd.nist.gov/vuln/detail/CVE-2024-4577
https://www.php.net/archive/2024.php#2024-06-06-1
gptkbp:CVSSv3_score 9.8
gptkbp:describes A vulnerability in PHP CGI that allows remote code execution via argument injection.
gptkbp:discoveredBy gptkb:Orange_Tsai
gptkbp:discoveredIn 2024
gptkbp:enemyOf remote code execution
gptkbp:exploits yes
gptkbp:hasCWE CWE-88
gptkbp:hasSeverity critical
https://www.w3.org/2000/01/rdf-schema#label CVE-2024-4577
gptkbp:impact system compromise
arbitrary code execution
gptkbp:patchedBy PHP 8.1.29
PHP 8.2.20
PHP 8.3.8
gptkbp:publicationDate 2024-06-06
gptkbp:vectorFor gptkb:network_protocol
gptkbp:vulnerableConfiguration PHP running in CGI mode on Windows
gptkbp:vulnerableTo gptkb:CVE-2024-4577
gptkbp:bfsParent gptkb:APT3
gptkbp:bfsLayer 7