Lucene search

K

GoogleOSV:CVE-2024-1874

HistoryApr 29, 2024 - 4:15 a.m.

CVE-2024-1874

2024-04-2904:15:07

Google

osv.dev

20

php security

command injection

windows shell

CVSS3

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

AI Score

9.8

Confidence

High

EPSS

0

Percentile

10.3%

In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.

References

www.openwall.com/lists/oss-security/2024/04/12/11

www.openwall.com/lists/oss-security/2024/06/07/1

github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7

lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/

lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/

security.netapp.com/advisory/ntap-20240510-0009/

CVSS3

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

AI Score

9.8

Confidence

High

EPSS

0

Percentile

10.3%

Related for OSV:CVE-2024-1874

ubuntucve2 redhatcve2 githubexploit1 vulnrichment2 nvd2 debiancve2 cbl_mariner1 osv5 cvelist2 nessus25 alpinelinux2 cve2 openvas12 fedora5 slackware2 cert1 mageia1 thn1 freebsd1