[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-4577":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":139,"duplicate_of":9,"upstream":140,"downstream":141,"duplicates":144,"related":145,"reserved_at":9,"published_at":153,"modified_at":154,"state":155,"summary":156,"references_raw":164,"kevs":257,"epss":268,"epss_history":271,"metrics":468,"affected":475},"CVE-2024-4577","In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"Best-Fit\" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-78","Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-15","Command Delimiters",[],{"id":29,"name":30,"techniques":31},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":33,"name":34,"techniques":35},"CAPEC-6","Argument Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-88","OS Command Injection",[],[41,50,55,60,65,69,77,82,87,92,97,101,106,118],{"_key":42,"name":43,"source":44,"url":45,"maturity":46,"reliability_score":47,"verified":48,"type":9,"platforms":49,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_PHP_PHP-SRC","Php Src","github","https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846","poc",0.3,false,[],{"_key":51,"name":52,"source":44,"url":53,"maturity":46,"reliability_score":47,"verified":48,"type":9,"platforms":54,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_11WHOAMI99_CVE-2024-4577","Cve 2024 4577","https://github.com/11whoami99/CVE-2024-4577",[],{"_key":56,"name":57,"source":44,"url":58,"maturity":46,"reliability_score":47,"verified":48,"type":9,"platforms":59,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_XCANWIN_CVE-2024-4577-PHP-RCE","Cve 2024 4577 Php Rce","https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",[],{"_key":61,"name":62,"source":44,"url":63,"maturity":46,"reliability_score":47,"verified":48,"type":9,"platforms":64,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_RAPID7_METASPLOIT-FRAMEWORK","Metasploit Framework","https://github.com/rapid7/metasploit-framework/pull/17067",[],{"_key":66,"name":52,"source":44,"url":67,"maturity":46,"reliability_score":47,"verified":48,"type":9,"platforms":68,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_WATCHTOWRLABS_CVE-2024-4577","https://github.com/watchtowrlabs/CVE-2024-4577",[],{"_key":70,"name":71,"source":72,"url":73,"maturity":74,"reliability_score":75,"verified":48,"type":9,"platforms":76,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_2808D98902DCB07A","Exploit Reference (devco.re)","reference","https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/","unknown",0.2,[],{"_key":78,"name":79,"source":72,"url":80,"maturity":74,"reliability_score":75,"verified":48,"type":9,"platforms":81,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_4FD048FAF334DAC5","Exploit Reference (arstechnica.com)","https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",[],{"_key":83,"name":84,"source":72,"url":85,"maturity":74,"reliability_score":75,"verified":48,"type":9,"platforms":86,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_FB88CCBEB8EBACB9","Exploit Reference (labs.watchtowr.com)","https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",[],{"_key":88,"name":89,"source":72,"url":90,"maturity":74,"reliability_score":75,"verified":48,"type":9,"platforms":91,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_E694A21FEDED503D","Exploit Reference (isc.sans.edu)","https://isc.sans.edu/diary/30994",[],{"_key":93,"name":94,"source":72,"url":95,"maturity":74,"reliability_score":75,"verified":48,"type":9,"platforms":96,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_9A9A0142E26B950F","Exploit Reference (vicarius.io)","https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577",[],{"_key":98,"name":94,"source":72,"url":99,"maturity":74,"reliability_score":75,"verified":48,"type":9,"platforms":100,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_78D9C4B6B2F2702D","https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577",[],{"_key":102,"name":103,"source":72,"url":104,"maturity":74,"reliability_score":75,"verified":48,"type":9,"platforms":105,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_F48EE0FC378F1BDC","Exploit Reference (blog.talosintelligence.com)","https://blog.talosintelligence.com/new-persistent-attacks-japan/",[],{"_key":107,"name":108,"source":109,"url":110,"maturity":46,"reliability_score":111,"verified":48,"type":9,"platforms":112,"requires_auth":9,"exploitdb":114,"metasploit":9},"52331","PHP CGI Module 8.3.4 - Remote Code Execution (RCE)","exploit-database","https://www.exploit-db.com/exploits/52331",0.5,[113],"php",{"verified":48,"type":115,"platform":113,"file":116,"codes":117},"webapps","exploits/php/webapps/52331.py",[7],{"_key":119,"name":120,"source":121,"url":122,"maturity":123,"reliability_score":124,"verified":125,"type":126,"platforms":127,"requires_auth":48,"exploitdb":9,"metasploit":128},"MSF_EXPLOIT_WINDOWS_HTTP_PHP_CGI_ARG_INJECTION_RCE_CVE_2024_4577","PHP CGI Argument Injection Remote Code Execution","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/windows/http/php_cgi_arg_injection_rce_cve_2024_4577.rb","weaponized",1,true,"remote",[],{"fullname":129,"rank":130,"rank_name":131,"post_auth":48,"check":125,"notes":132},"exploit/windows/http/php_cgi_arg_injection_rce_cve_2024_4577",600,"excellent",{"Stability":133,"SideEffects":135,"Reliability":137},[134],"crash-safe",[136],"ioc-in-logs",[138],"repeatable-session",[],[],[142],{"_key":143},"OPENSUSE-SU-2024:14376-1",[],[146,147,149,151],{"_key":143},{"_key":148},"CGA-84J3-W824-WV4X",{"_key":150},"CGA-GVWM-H3QQ-8679",{"_key":152},"CGA-PRG6-6RGX-HMX2","2024-06-09T19:42:36.464Z","2025-10-21T23:05:16.089Z","Analyzed",{"cisa_kev":125,"cisa_ransomware":125,"cisa_vendor":157,"epss_severity":158,"epss_score":159,"severity":158,"severity_score":160,"severity_version":161,"severity_source":162,"severity_vector":163,"severity_status":155},"PHP Group","critical",0.94393,9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[165,172,176,179,183,187,190,193,199,202,205,210,214,218,222,225,230,234,238,242,248,251,254],{"url":166,"sources":167,"tags":169},"https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",[162,168],"nvd",[170,171],"Exploit","Third Party Advisory",{"url":173,"sources":174,"tags":175},"https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",[162,168],[171],{"url":73,"sources":177,"tags":178},[162,168],[170,171],{"url":80,"sources":180,"tags":181},[162,168],[170,182,171],"Press/Media Coverage",{"url":184,"sources":185,"tags":186},"https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",[162,168],[171],{"url":53,"sources":188,"tags":189},[162,168],[170],{"url":58,"sources":191,"tags":192},[162,168],[170,171],{"url":194,"sources":195,"tags":196},"https://github.com/rapid7/metasploit-framework/pull/19247",[162,168],[170,197,198],"Issue Tracking","Patch",{"url":85,"sources":200,"tags":201},[162,168],[170,171],{"url":67,"sources":203,"tags":204},[162,168],[170,171],{"url":206,"sources":207,"tags":208},"https://www.php.net/ChangeLog-8.php#8.1.29",[162,168],[209],"Release Notes",{"url":211,"sources":212,"tags":213},"https://www.php.net/ChangeLog-8.php#8.2.20",[162,168],[209],{"url":215,"sources":216,"tags":217},"https://www.php.net/ChangeLog-8.php#8.3.8",[162,168],[209],{"url":219,"sources":220,"tags":221},"https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",[162,168],[171],{"url":90,"sources":223,"tags":224},[162,168],[170,171],{"url":226,"sources":227,"tags":228},"http://www.openwall.com/lists/oss-security/2024/06/07/1",[162,168],[229,171],"Mailing List",{"url":231,"sources":232,"tags":233},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",[162,168],[229],{"url":235,"sources":236,"tags":237},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",[162,168],[229],{"url":239,"sources":240,"tags":241},"https://security.netapp.com/advisory/ntap-20240621-0008/",[162,168],[171],{"url":243,"sources":244,"tags":245},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4577",[162,168],[246,247],"Government Resource","US Government Resource",{"url":95,"sources":249,"tags":250},[162,168],[170,171],{"url":99,"sources":252,"tags":253},[162,168],[170,171],{"url":104,"sources":255,"tags":256},[162,168],[170,171],[258],{"source":259,"vendor":157,"product":260,"date_added":261,"vulnerability_name":262,"short_description":263,"required_action":264,"due_date":265,"known_ransomware_campaign_use":266,"notes":267,"exploitation_type":9},"cisa","PHP","2024-06-12","PHP-CGI OS Command Injection Vulnerability","PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2024-07-03","Known","This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see:  https://www.php.net/ChangeLog-8.php#;   https://nvd.nist.gov/vuln/detail/CVE-2024-4577",{"date":269,"score":159,"percentile":270},"2026-06-04",0.99974,[272,276,278,280,283,285,287,289,291,293,296,299,302,304,306,310,312,314,317,319,321,324,326,328,331,333,335,337,339,341,343,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388,390,393,395,397,399,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,438,440,442,444,446,448,450,452,455,457,459,461,463,465],{"date":273,"score":274,"percentile":275},"2025-11-04",0.94374,0.99963,{"date":277,"score":274,"percentile":275},"2025-11-05",{"date":279,"score":274,"percentile":275},"2025-11-06",{"date":281,"score":274,"percentile":282},"2025-11-07",0.99962,{"date":284,"score":274,"percentile":282},"2025-11-08",{"date":286,"score":274,"percentile":282},"2025-11-09",{"date":288,"score":274,"percentile":282},"2025-11-10",{"date":290,"score":274,"percentile":282},"2025-11-11",{"date":292,"score":274,"percentile":282},"2025-11-12",{"date":294,"score":159,"percentile":295},"2025-11-13",0.99968,{"date":297,"score":298,"percentile":270},"2025-11-14",0.9441,{"date":300,"score":159,"percentile":301},"2025-11-15",0.9997,{"date":303,"score":159,"percentile":301},"2025-11-16",{"date":305,"score":159,"percentile":301},"2025-11-17",{"date":307,"score":308,"percentile":309},"2025-11-18",0.9434,0.99981,{"date":311,"score":308,"percentile":309},"2025-11-19",{"date":313,"score":308,"percentile":309},"2025-11-20",{"date":315,"score":159,"percentile":316},"2025-11-21",0.99967,{"date":318,"score":159,"percentile":295},"2025-11-22",{"date":320,"score":159,"percentile":295},"2025-11-23",{"date":322,"score":159,"percentile":323},"2025-11-24",0.99969,{"date":325,"score":159,"percentile":323},"2025-11-25",{"date":327,"score":159,"percentile":323},"2025-11-26",{"date":329,"score":274,"percentile":330},"2025-11-27",0.99961,{"date":332,"score":274,"percentile":330},"2025-11-28",{"date":334,"score":274,"percentile":330},"2025-11-29",{"date":336,"score":274,"percentile":330},"2025-11-30",{"date":338,"score":274,"percentile":275},"2025-12-01",{"date":340,"score":274,"percentile":275},"2025-12-02",{"date":342,"score":274,"percentile":275},"2025-12-03",{"date":344,"score":274,"percentile":345},"2025-12-04",0.9996,{"date":347,"score":274,"percentile":345},"2025-12-05",{"date":349,"score":274,"percentile":330},"2025-12-06",{"date":351,"score":274,"percentile":330},"2025-12-07",{"date":353,"score":274,"percentile":330},"2025-12-08",{"date":355,"score":274,"percentile":330},"2025-12-09",{"date":357,"score":274,"percentile":330},"2025-12-10",{"date":359,"score":274,"percentile":330},"2025-12-11",{"date":361,"score":274,"percentile":330},"2025-12-12",{"date":363,"score":274,"percentile":330},"2025-12-13",{"date":365,"score":274,"percentile":330},"2025-12-14",{"date":367,"score":274,"percentile":330},"2025-12-15",{"date":369,"score":274,"percentile":330},"2025-12-16",{"date":371,"score":274,"percentile":330},"2025-12-17",{"date":373,"score":159,"percentile":295},"2025-12-18",{"date":375,"score":274,"percentile":345},"2025-12-19",{"date":377,"score":274,"percentile":330},"2025-12-20",{"date":379,"score":274,"percentile":330},"2025-12-21",{"date":381,"score":274,"percentile":330},"2025-12-22",{"date":383,"score":274,"percentile":330},"2025-12-23",{"date":385,"score":274,"percentile":330},"2025-12-24",{"date":387,"score":274,"percentile":282},"2025-12-25",{"date":389,"score":274,"percentile":330},"2025-12-26",{"date":391,"score":392,"percentile":330},"2025-12-27",0.94365,{"date":394,"score":274,"percentile":330},"2025-12-28",{"date":396,"score":274,"percentile":330},"2025-12-29",{"date":398,"score":274,"percentile":330},"2025-12-30",{"date":400,"score":274,"percentile":330},"2025-12-31",{"date":402,"score":274,"percentile":275},"2026-01-01",{"date":404,"score":274,"percentile":275},"2026-01-02",{"date":406,"score":274,"percentile":275},"2026-01-03",{"date":408,"score":274,"percentile":282},"2026-01-04",{"date":410,"score":274,"percentile":282},"2026-01-05",{"date":412,"score":274,"percentile":282},"2026-01-06",{"date":414,"score":274,"percentile":282},"2026-01-07",{"date":416,"score":274,"percentile":282},"2026-01-08",{"date":418,"score":274,"percentile":282},"2026-01-09",{"date":420,"score":274,"percentile":282},"2026-01-10",{"date":422,"score":274,"percentile":282},"2026-01-11",{"date":424,"score":274,"percentile":282},"2026-01-12",{"date":426,"score":274,"percentile":282},"2026-01-13",{"date":428,"score":274,"percentile":282},"2026-01-14",{"date":430,"score":274,"percentile":282},"2026-01-15",{"date":432,"score":274,"percentile":282},"2026-01-16",{"date":434,"score":274,"percentile":282},"2026-01-17",{"date":436,"score":298,"percentile":437},"2026-01-18",0.99975,{"date":439,"score":298,"percentile":437},"2026-01-19",{"date":441,"score":298,"percentile":437},"2026-01-20",{"date":443,"score":159,"percentile":301},"2026-01-21",{"date":445,"score":159,"percentile":301},"2026-01-22",{"date":447,"score":159,"percentile":301},"2026-01-23",{"date":449,"score":159,"percentile":301},"2026-01-24",{"date":451,"score":159,"percentile":301},"2026-01-25",{"date":453,"score":159,"percentile":454},"2026-01-26",0.99971,{"date":456,"score":159,"percentile":454},"2026-01-27",{"date":458,"score":159,"percentile":454},"2026-01-28",{"date":460,"score":159,"percentile":454},"2026-01-29",{"date":462,"score":274,"percentile":282},"2026-01-30",{"date":464,"score":274,"percentile":282},"2026-01-31",{"date":466,"score":274,"percentile":467},"2026-02-01",0.99964,[469,473],{"source":162,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":470,"cvss_v4_0":9},{"baseScore":160,"baseSeverity":471,"vectorString":163,"impactScore":160,"exploitabilityScore":472},"CRITICAL",10,{"source":168,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":474,"cvss_v4_0":9},{"baseScore":160,"baseSeverity":471,"vectorString":163,"impactScore":160,"exploitabilityScore":472},[476,486,502],{"ecosystem":9,"name":477,"vendor":478,"product":477,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"fedora","fedoraproject","o",[481,484],{"version":482,"is_range":48,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"39","cpe",{"version":485,"is_range":48,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"40",{"ecosystem":9,"name":260,"vendor":9,"product":260,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":487},[488,494,498],{"version":489,"is_range":125,"range_type":162,"version_start":490,"version_start_type":491,"version_end":492,"version_end_type":493,"fixed_in":9},">= 8.1.*, \u003C 8.1.29","8.1.*","including","8.1.29","excluding",{"version":495,"is_range":125,"range_type":162,"version_start":496,"version_start_type":491,"version_end":497,"version_end_type":493,"fixed_in":9},">= 8.2.*, \u003C 8.2.20","8.2.*","8.2.20",{"version":499,"is_range":125,"range_type":162,"version_start":500,"version_start_type":491,"version_end":501,"version_end_type":493,"fixed_in":9},">= 8.3.*, \u003C 8.3.8","8.3.*","8.3.8",{"ecosystem":9,"name":260,"vendor":9,"product":260,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":503},[504,507,510],{"version":505,"is_range":125,"range_type":483,"version_start":506,"version_start_type":491,"version_end":492,"version_end_type":493,"fixed_in":9},"gte8.1.0_lt8.1.29","8.1.0",{"version":508,"is_range":125,"range_type":483,"version_start":509,"version_start_type":491,"version_end":497,"version_end_type":493,"fixed_in":9},"gte8.2.0_lt8.2.20","8.2.0",{"version":511,"is_range":125,"range_type":483,"version_start":512,"version_start_type":491,"version_end":501,"version_end_type":493,"fixed_in":9},"gte8.3.0_lt8.3.8","8.3.0"]