logo

CVE-2012-1823 - PHP-CGI Query String Parameter Vulnerability

CVE-2012-1823

PHP | PHP

  • Date Added:
  • 2022-03-25
  • Due Date:
  • 2022-04-15
Vulnerability Name

PHP-CGI Query String Parameter Vulnerability

Description

sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2012-1823
Related News Articles

Hackers use PHP exploit to backdoor Windows systems with new malwareAugust 21, 2024

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)June 13, 2024

PHP fixes critical RCE flaw impacting all versions for WindowsJune 7, 2024

Free security scan for your website