PHP vulnerability allows attackers to run malicious code on Windows servers

PHP vulnerability allows attackers to run malicious code on Windows servers

Briefly

Within 24 hours, scans revealed susceptible servers; exploit ease, proof-of-concept, severity of code execution, and XAMPP susceptibility draw attention to PHP vulnerability threat.

Ars Technicahttps://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/

'A nasty bug with a very simple exploit-perfect for a Friday afternoon,' noted WatchTowr researchers. CVE-2024-4577 enables attackers to bypass a 2012 patched vulnerability using argument injection and Best Fit on Windows.

Ars Technicahttps://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/