THREAT OPS › CVEs › CVE-2024-4577
CVE-2024-4577 — PHP-CGI OS Command Injection Vulnerability
PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.
Vulnerability details
- Affected productsPHP
- KEV remediation due2024-07-03