CVE-2024-1874— Command injection via array-ish $command parameter of proc_open()
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-1874
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Command injection via array-ish $command parameter of proc_open()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
对输出编码和转义不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP是一种在服务器端执行的脚本语言。 PHP存在安全漏洞,该漏洞源于当使用带有数组语法的proc_open命令时,由于转义不足,如果执行命令的参数被恶意用户控制,则用户可以提供在Windows shell中执行任意命令的参数。以下版本受到影响:8.1.*版本至8.1.28之前版本、8.2.*版本至8.2.18之前版本、8.3.*版本至8.3.5之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2024-1874
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | command injection | https://github.com/ox1111/-CVE-2024-1874- | POC Details |
| 2 | Proof Of Concept for CVE-2024-1874 | https://github.com/Tgcohce/CVE-2024-1874 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-1874
请登录查看更多情报信息。
Same Patch Batch · PHP Group · 2024-04-29 · 4 CVEs total
| CVE-2024-2757 | 7.5 HIGH | PHP mb_encode_mimeheader runs endlessly for some inputs |
| CVE-2024-2756 | 6.5 MEDIUM | __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix |
| CVE-2024-3096 | 6.5 MEDIUM | PHP function password_verify can erroneously return true when argument contains NUL |
IV. Related Vulnerabilities
Same product: PHP
Same vendor: PHP Group
Same weakness: CWE-116
- CVE-2026-42810
Apache Polaris: could broaden vended S3 credentials through - CVE-2026-42040
Axios: Null Byte Injection via Reverse-Encoding in AxiosURLS - CVE-2026-40567
FreeScout has HTML Injection in Outgoing Emails via Unsaniti - CVE-2026-6058
Zyxel WRE6505 安全漏洞 - CVE-2026-20136
Cisco Identity Services Engine Authenticated Privilege Escal
V. Comments for CVE-2024-1874
No comments yet