Statements (25)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects |
PHP
|
| gptkbp:citation |
https://blog.orange.tw/2024/06/php-cgi-argument-injection-en.html
https://nvd.nist.gov/vuln/detail/CVE-2024-4577 https://www.php.net/archive/2024.php#2024-06-06-1 |
| gptkbp:CVSSv3_score |
9.8
|
| gptkbp:describes |
A vulnerability in PHP CGI that allows remote code execution via argument injection.
|
| gptkbp:discoveredBy |
gptkb:Orange_Tsai
|
| gptkbp:discoveredIn |
2024
|
| gptkbp:enemyOf |
remote code execution
|
| gptkbp:exploits |
yes
|
| gptkbp:hasCWE |
CWE-88
|
| gptkbp:hasSeverity |
critical
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2024-4577
|
| gptkbp:impact |
system compromise
arbitrary code execution |
| gptkbp:patchedBy |
PHP 8.1.29
PHP 8.2.20 PHP 8.3.8 |
| gptkbp:publicationDate |
2024-06-06
|
| gptkbp:vectorFor |
gptkb:network_protocol
|
| gptkbp:vulnerableConfiguration |
PHP running in CGI mode on Windows
|
| gptkbp:vulnerableTo |
gptkb:CVE-2024-4577
|
| gptkbp:bfsParent |
gptkb:APT3
|
| gptkbp:bfsLayer |
7
|