{"id":190922,"date":"2024-06-09T20:25:02","date_gmt":"2024-06-10T01:25:02","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2024\/06\/new-php-vulnerability-exposes-windows-servers-to-remote-code-execution"},"modified":"2024-06-09T20:25:02","modified_gmt":"2024-06-10T01:25:02","slug":"new-php-vulnerability-exposes-windows-servers-to-remote-code-execution","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2024\/06\/new-php-vulnerability-exposes-windows-servers-to-remote-code-execution","title":{"rendered":"New PHP Vulnerability Exposes Windows Servers to Remote Code Execution"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/new-php-vulnerability-exposes-windows-servers-to-remote-code-execution.jpg\"><\/a><\/p>\n<p>Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.<\/p>\n<p>The vulnerability, tracked as <strong>CVE-2024\u20134577<\/strong>, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.<\/p>\n<p>According to DEVCORE security researcher, the shortcoming makes it possible to bypass protections put in place for another security flaw, <a href=\"https:\/\/www.kb.cert.org\/vuls\/id\/520827\" rel=\"noopener\" target=\"_blank\">CVE-2012\u20131823<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024\u20134577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system. According to DEVCORE security researcher, the shortcoming [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1523,1492],"tags":[],"class_list":["post-190922","post","type-post","status-publish","format-standard","hentry","category-computing","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/190922","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=190922"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/190922\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=190922"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=190922"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=190922"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}