CVE-2024-4577 Yet Another PHP RCE (Argument Injection in PHP-CGI)
PHP overlooked the Best-Fit character conversion feature in Windows during its design. When PHP-CGI runs on the Windows platform and uses specific code pages (Simplified Chinese 936, Traditional Chinese 950, Japanese 932, etc.), attackers can craft malicious requests to bypass the CVE-2012-1823 patch. This allows them to execute arbitrary PHP code without the need for authentication.
Query:
Hunter: header.server="PHP"
FOFA: app="XAMPP"
FOFA: server="PHP"
SHODAN: server: PHP
PHP overlooked the Best-Fit character conversion feature in Windows during its design. When PHP-CGI runs on the Windows platform and uses specific code pages (Simplified Chinese 936, Traditional Chinese 950, Japanese 932, etc.), attackers can craft malicious requests to bypass the CVE-2012-1823 patch. This allows them to execute arbitrary PHP code without the need for authentication.
Query:
Hunter: header.server="PHP"
FOFA: app="XAMPP"
FOFA: server="PHP"
SHODAN: server: PHP