CVE-2012-1823 - PHP-CGI Query String Parameter Vulnerability

CVE-2012-1823: PHP | PHP

Date Added:
2022-03-25

Due Date:
2022-04-15

Vulnerability Name: PHP-CGI Query String Parameter Vulnerability

Description: sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-1823