{"id":29581,"date":"2024-06-12T02:50:06","date_gmt":"2024-06-12T02:50:06","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=29581"},"modified":"2026-04-17T18:07:37","modified_gmt":"2026-04-17T18:07:37","slug":"php-cgi-windows-platform-remote-code-execution-vulnerability-cve-2024-4577-advisory","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/php-cgi-windows-platform-remote-code-execution-vulnerability-cve-2024-4577-advisory\/","title":{"rendered":"PHP CGI Windows Platform Remote Code Execution Vulnerability (CVE-2024-4577) Advisory"},"content":{"rendered":"\n

Overview<\/h2>\n\n\n\n

NSFOCUS CERT has monitored the disclosure of a PHP CGI Windows platform remote code execution vulnerability (CVE-2024-4577) on the internet recently. Due to PHP’s oversight of the Best-Fit character mapping feature of the Windows system during its design, running PHP in CGI mode on the Windows platform and using the following language settings (Simplified Chinese 936\/Traditional Chinese 950\/Japanese 932, etc.) are affected by this vulnerability. Unauthenticated attackers can construct malicious requests to bypass the protection of the CVE-2012-1823 patch and execute arbitrary code remotely through parameter injection. The PoC of the vulnerability has been made public, and users are advised to take protective measures as soon as possible. <\/p>\n\n\n\n

PHP is a widely used open-source scripting language commonly used for web development; PHP CGI is a method of running PHP scripts through the Common Gateway Interface (CGI) to handle HTTP requests and generate dynamic web content.<\/p>\n\n\n\n

Reference link: <\/p>\n\n\n\n

https:\/\/devco.re\/blog\/2024\/06\/06\/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability<\/a><\/p>\n\n\n\n

Affected Scope<\/h2>\n\n\n\n

Affected Versions<\/strong><\/p>\n\n\n\n

PHP 8.3 < 8.3.8<\/p>\n\n\n\n

PHP 8.2 < 8.2.20<\/p>\n\n\n\n

PHP 8.1 < 8.1.29 <\/p>\n\n\n\n

Note: Official support and maintenance for PHP 8, PHP 7, and PHP 5 have been discontinued.<\/p>\n\n\n\n

Unaffected Versions<\/strong><\/p>\n\n\n\n

PHP 8.3 >= 8.3.8<\/p>\n\n\n\n

PHP 8.2 >= 8.2.20<\/p>\n\n\n\n

PHP 8.1 >= 8.1.29<\/p>\n\n\n\n

Vulnerability Detection<\/h2>\n\n\n\n

Version Detection<\/strong><\/p>\n\n\n\n

Users of PHP CGI on the Windows system can determine whether the application is within the affected scope by checking the PHP version:<\/p>\n\n\n\n

php -v<\/code><\/pre>\n\n\n
\n
\"Red<\/a><\/figure>\n<\/div>\n\n\n
<\/p>\n\n\n\n
<\/p>\n\n\n\n
Protection Methods<\/h2>\n\n\n\n
Upgrade<\/strong><\/p>\n\n\n\n
This vulnerability has already been fixed in the latest version officially, and users affected are advised to upgrade their version as soon as possible for protection. Official download link: https:\/\/www.php.net\/downloads.php<\/a>  <\/p>\n\n\n\n
Other Mitigation Measures<\/strong><\/p>\n\n\n\n
 If users are temporarily unable to upgrade, the following measures can be taken for temporary protection:<\/p>\n\n\n\n