CyberSecurityBoard
Sponsor Register Login

CVE-2024-4577

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.

This Cyber News was published on www.tenable.com. Publication date: Sun, 09 Jun 2024 00:00:00 +0000


Cyber News related to CVE-2024-4577

Critical PHP RCE vulnerability mass exploited in new attacks - "While initial reports focused on attacks in Japan, GreyNoise data confirms that exploitation is far more widespread [..] More than 43% of IPs targeting CVE-2024-4577 in the past 30 days are from Germany and China," the threat intelligence firm said, ...
1 week ago Bleepingcomputer.com CVE-2024-4577
PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems - Security researchers at Bitdefender Labs have detected a significant surge in exploitation attempts targeting a critical PHP vulnerability that allows attackers to execute malicious code on Windows-based systems. The vulnerability, tracked as ...
1 day ago Cybersecuritynews.com CVE-2024-4577
AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
5 months ago Feeds.dzone.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
Threat Actors Exploited PHP-CGI RCE Vulnerability To Attack Windows Machines - The researchers also discovered that the attackers had access to a pre-configured installer script on their C2 server that could deploy a full suite of adversarial tools and frameworks hosted on an Alibaba cloud container Registry, indicating ...
1 week ago Cybersecuritynews.com CVE-2024-4577
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
9 months ago Tenable.com
CVE-2024-8926 - The vulnerability exists due to improper input validation in PHP-CGI implementation. A remote attacker can send specially crafted HTTP request to the application and execute arbitrary OS commands on the system. Note, the vulnerability exists due to ...
5 months ago Tenable.com
CVE-2024-22749 - GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577 ...
1 year ago
CVE-2024-4577 - In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command ...
6 days ago Tenable.com CVE-2024-4577
Bug affecting PHP scripts demands ‘immediate action from defenders globally’ | The Record from Recorded Future News - Cisco Talos said Thursday that the attacker it studied used a “command and control (C2) server that deploys a full suite of adversarial tools and frameworks.” The researchers said they believed the attacker’s motive was to move beyond just ...
1 week ago Therecord.media CVE-2024-4577
CVE-2021-30625 - Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. ...
3 years ago
CVE-2021-30629 - Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. ...
3 years ago
CVE-2021-30630 - Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. ...
2 years ago
CVE-2021-30632 - Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ...
1 year ago
CVE-2021-30626 - Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ...
3 years ago
CVE-2021-30627 - Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ...
3 years ago
CVE-2021-30628 - Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. ...
3 years ago
CVE-2021-30633 - Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. ...
3 years ago
CVE-2011-4577 - OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address ...
10 years ago
CVE-2013-4577 - A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file. ...
1 year ago
CVE-2014-4577 - Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pathname in the url parameter. ...
10 years ago
CVE-2016-4577 - Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary ...
8 years ago
CVE-2005-4577 - Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to inject arbitrary web script or HTML via ...
7 years ago
CVE-2006-4577 - Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) email, (2) websites, and (3) groupAddName parameters in (a) save.php; the (4) ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)