9.4

CVE-2024-1874

Exploit

Command injection via array-ish $command parameter of proc_open()

In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
Data provided by National Vulnerability Database (NVD)
Affected configurations (vendor / product / version):
Php / Php / Version >= 8.1.0 < 8.1.28
Php / Php / Version >= 8.2.0 < 8.2.18
Php / Php / Version >= 8.3.0 < 8.3.5
Fedoraproject / Fedora / Version 39
Fedoraproject / Fedora / Version 40
VulnDex Vulnerability Enrichment
This information is available to logged-in users.
No advisory was found for this CVE.
EPSS Metrics
Type | Source    | Score  | Percentile
EPSS | FIRST.org | 63.38% | 0.984
CVSS Metrics
Source           | Base Score | Exploit Score | Impact Score | Vector String
security@php.net | 9.4        | 3.9           | 5.5          | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
CWE-116 Improper Encoding or Escaping of Output

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.