Found 4 bookmarks
Custom sorting
CVE-2024-4577 Exploits in the Wild One Day After Disclosure
CVE-2024-4577 Exploits in the Wild One Day After Disclosure
  • The Akamai Security Intelligence Response Team (SIRT) has been monitoring activity surrounding CVE-2024-4577, a PHP vulnerability that affects installations running CGI mode that was disclosed in June 2024. The vulnerability primarily affects Windows installations using Chinese and Japanese language locales, but it is possible that the vulnerability applies to a wider range of installations. As early as one day after disclosure, the SIRT observed numerous exploit attempts to abuse this vulnerability, indicating high exploitability and quick adoption by threat actors. The exploitations include command injection and multiple malware campaigns: Gh0st RAT, RedTail cryptominers, and XMRig. Akamai App & API Protector has been automatically mitigating exploits that target our customers. In this blog post, we’ve included a comprehensive list of indicators of compromise (IOCs) for the various exploits we discuss.
·akamai.com·
CVE-2024-4577 Exploits in the Wild One Day After Disclosure
Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability
Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability
While implementing PHP, the team did not notice the Best-Fit feature of encoding conversion within the Windows operating system. This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. Arbitrary code can be executed on remote PHP servers through the argument injection attack.
·devco.re·
Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability
No Way, PHP Strikes Again! (CVE-2024-4577)
No Way, PHP Strikes Again! (CVE-2024-4577)
Orange Tsai tweeted a few hours ago about “One of [his] PHP vulnerabilities, which affects XAMPP by default”, and we were curious to say the least. XAMPP is a very popular way for administrators and developers to rapidly deploy Apache, PHP, and a bunch of other tools, and any bug
·labs.watchtowr.com·
No Way, PHP Strikes Again! (CVE-2024-4577)