PHP CGI Argument Injection RCE

Severity: High

Description

When PHP is run as a CGI script (php-cgi), improper handling of certain query strings can allow remote attackers to execute arbitrary code. Specifically, a query string that lacks an equals sign (=), or that contains characters which may be misinterpreted because of system settings, can let an attacker pass command-line options to the PHP binary. The result can range from disclosure of source code to execution of arbitrary PHP code on the server.
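A way to triage web server access logs for the no-equals-sign case described above, as an added example that is not part of the original page or of any scanner's own code. It relies on the CGI rule in RFC 3875 section 4.4 (a query string with no unencoded `=` is split on `+` and each decoded word becomes a command-line argument) and flags requests whose resulting arguments begin with `-`. The combined log format, the sample lines, the placeholder option `-x` and all function names are assumptions made for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (combined log format); hosts, paths
# and the placeholder option "-x" are made up for this example.
SAMPLE_LOG = """\
192.0.2.10 - - [25/Sep/2024:10:00:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 512
192.0.2.11 - - [25/Sep/2024:10:00:02 +0000] "GET /index.php?-x HTTP/1.1" 200 4096
192.0.2.12 - - [25/Sep/2024:10:00:03 +0000] "GET /search.php?php+cgi HTTP/1.1" 200 900
192.0.2.13 - - [25/Sep/2024:10:00:04 +0000] "POST /cgi-bin/php-cgi?%2Dx+word HTTP/1.1" 200 17
192.0.2.14 - - [25/Sep/2024:10:00:05 +0000] "GET /index.php?a=-x HTTP/1.1" 200 512
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def cgi_argv(query):
    """Return the words a CGI server would hand to the script as arguments.

    A query string containing a raw '=' is ordinary form data and yields [].
    Otherwise it is split on '+' and every word is URL-decoded.
    """
    if not query or "=" in query:
        return []
    return [unquote(word) for word in query.split("+")]


def suspicious_options(query):
    """Return the argument words a command-line parser would read as options."""
    return [arg for arg in cgi_argv(query) if arg.startswith("-")]


def scan(log_text):
    """Yield (line_number, request_target, options) for requests to triage."""
    for number, line in enumerate(log_text.splitlines(), start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        _, _, query = match.group("target").partition("?")
        options = suspicious_options(query)
        if options:
            yield number, match.group("target"), options


if __name__ == "__main__":
    for number, target, options in scan(SAMPLE_LOG):
        print(f"line {number}: {target} -> options {options}")
```

The check decodes each word before testing it, so a percent-encoded leading hyphen is flagged the same way as a literal one. It does not cover the second case the description mentions, characters misinterpreted because of system settings.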

Recommendation

To address this vulnerability, update PHP to the latest stable version.

Tags: PHP, Command Injection, RCE, Input Validation, Injection
Last updated on September 25, 2024