Security firm watchTowr has published its own analysis of CVE-2024-4577, a PHP-CGI vulnerability impacting Windows systems: https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/
The bug was initially discovered by DEVCORE: https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/
watchTowr has also released proof-of-concept code: https://github.com/watchtowrlabs/CVE-2024-4577
Catalin Cimpanu /
npub1tq…3aefw
2024-06-09 12:42:07
Author Public Key
npub1tqfukrqgh928vktkl6vx063ck2c4yn3ek8m44v3txfhztqe65anq63aefwPublished at
2024-06-09 12:42:07Event JSON
{
"id": "ccd595f756e0cab632e9815122375f231d34b0cc53d3458e877419df1a3c6c69",
"pubkey": "5813cb0c08b954765976fe9867ea38b2b1524e39b1f75ab22b326e25833aa766",
"created_at": 1717936927,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/campuscodi/statuses/112586714464096645",
"activitypub"
]
],
"content": "Security firm watchTowr has published its own analysis of CVE-2024-4577, a PHP-CGI vulnerability impacting Windows systems: https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/\n\nThe bug was initially discovered by DEVCORE: https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/\n\nwatchTowr has also released proof-of-concept code: https://github.com/watchtowrlabs/CVE-2024-4577",
"sig": "df9e4440da447e066a9dacd766cd911f5e90aebe40f5ceb20b71b5746d80ecc9e790582fee9d05110338bcc7adeabd4e737942ce3dfd7b2d17af19e92e994eeb"
}