cyberveille.decio.ch

cyberveille.decio.ch

#2024 #En #devco.re #php
Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability
Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability
While implementing PHP, the team did not notice the Best-Fit feature of encoding conversion within the Windows operating system. This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. Arbitrary code can be executed on remote PHP servers through the argument injection attack.
·devco.re·
Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability