CVE-2024-4577— Argument Injection in PHP-CGI
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-4577
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Argument Injection in PHP-CGI
Source: NVD (National Vulnerability Database)
Vulnerability Description
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP是一种在服务器端执行的脚本语言。 PHP存在操作系统命令注入漏洞,该漏洞源于在特定条件下,Windows系统使用“Best-Fit”行为替换命令行中的字符,这可能导致PHP CGI模块错误地将这些字符解释为PHP选项,从而泄露脚本的源代码,在服务器上运行任意PHP代码等。以下版本受到影响:8.1至8.1.29之前版本,8.3至8.3.8之前版本,8.2至8.2.20之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2024-4577
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters. | https://github.com/TAM-K592/CVE-2024-4577 | POC Details |
| 2 | CVE-2024-4577 | https://github.com/ohhhh693/CVE-2024-4577 | POC Details |
| 3 | PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC | https://github.com/Junp0/CVE-2024-4577 | POC Details |
| 4 | None | https://github.com/princew88/CVE-2024-4577 | POC Details |
| 5 | POC & $BASH script for CVE-2024-4577 | https://github.com/11whoami99/CVE-2024-4577 | POC Details |
| 6 | PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC | https://github.com/watchtowrlabs/CVE-2024-4577 | POC Details |
| 7 | CVE-2024-4577 | https://github.com/zjhzjhhh/CVE-2024-4577 | POC Details |
| 8 | None | https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template | POC Details |
| 9 | None | https://github.com/taida957789/CVE-2024-4577 | POC Details |
| 10 | None | https://github.com/Wh02m1/CVE-2024-4577 | POC Details |
| 11 | Nuclei Template for CVE-2024-4577 | https://github.com/Sysc4ll3r/CVE-2024-4577 | POC Details |
| 12 | None | https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP | POC Details |
| 13 | None | https://github.com/Yukiioz/CVE-2024-4577 | POC Details |
| 14 | CVE-2024-4577 nuclei-templates | https://github.com/0x20c/CVE-2024-4577-nuclei | POC Details |
| 15 | Proof Of Concept RCE exploit for critical vulnerability in PHP <8.2.15 (Windows), allowing attackers to execute arbitrary commands. | https://github.com/manuelinfosec/CVE-2024-4577 | POC Details |
| 16 | CVE-2024-4577 Exploit POC | https://github.com/zomasec/CVE-2024-4577 | POC Details |
| 17 | PoC for CVE-2024-4577 written in bash, go, python and a nuclei template | https://github.com/ZephrFish/CVE-2024-4577-PoC | POC Details |
| 18 | PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template | https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE | POC Details |
| 19 | [漏洞复现] 全球首款利用PHP默认环境的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP,共享原创EXP,支持SSRF,支持绕过WAF。The world's first CVE-2024-4577 PHP-CGI RCE exploit utilizing the default PHP environment. Sharing original exploit, supports SSRF, supports WAF bypass. | https://github.com/xcanwin/CVE-2024-4577-PHP-RCE | POC Details |
| 20 | python poc编写练手,可以对单个目标或批量检测 | https://github.com/dbyMelina/CVE-2024-4577 | POC Details |
| 21 | PHP CGI Argument Injection vulnerability | https://github.com/Chocapikk/CVE-2024-4577 | POC Details |
| 22 | A PoC exploit for CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution (RCE) | https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT | POC Details |
| 23 | Bash script that checks if a PHP CGI setup is vulnerable to the CVE-2024-4577 argument injection vulnerability | https://github.com/it-t4mpan/check_cve_2024_4577.sh | POC Details |
| 24 | This is a PoC for PHP CVE-2024-4577. | https://github.com/bl4cksku11/CVE-2024-4577 | POC Details |
| 25 | php-cgi RCE快速检测 | https://github.com/nemu1k5ma/CVE-2024-4577 | POC Details |
| 26 | CVE-2024-4577 | https://github.com/aaddmin1122345/CVE-2024-4577-POC | POC Details |
| 27 | POC for CVE-2024-4577 with Shodan integration | https://github.com/d3ck4/Shodan-CVE-2024-4577 | POC Details |
| 28 | None | https://github.com/Entropt/CVE-2024-4577_Analysis | POC Details |
| 29 | None | https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE | POC Details |
| 30 | None | https://github.com/hexedbyte/cve-2024-4577 | POC Details |
| 31 | Fixed and minimalist PoC of the CVE-2024-4577 | https://github.com/Sh0ckFR/CVE-2024-4577 | POC Details |
| 32 | Argument injection vulnerability in PHP | https://github.com/gotr00t0day/CVE-2024-4577 | POC Details |
| 33 | PHP CGI Remote Code Execution (CVE-2024-4577) PoC | https://github.com/sug4r-wr41th/CVE-2024-4577 | POC Details |
| 34 | Python script for get reverse shell with using CVE-2024-4577 | https://github.com/AlperenY-cs/CVE-2024-4577 | POC Details |
| 35 | CVE-2024-4577 POC | https://github.com/VictorShem/CVE-2024-4577 | POC Details |
| 36 | None | https://github.com/jakabakos/CVE-2024-4577-PHP-CGI-argument-injection-RCE | POC Details |
| 37 | None | https://github.com/amandineVdw/CVE-2024-4577 | POC Details |
| 38 | None | https://github.com/PhinehasNarh/CVE-2024-4577-Defend | POC Details |
| 39 | None | https://github.com/ggfzx/CVE-2024-4577 | POC Details |
| 40 | CVE-2024-4577 | https://github.com/olebris/CVE-2024-4577 | POC Details |
| 41 | None | https://github.com/BitMEXResearch/CVE-2024-4577 | POC Details |
| 42 | CVE-2024-4577 EXP | https://github.com/charis3306/CVE-2024-4577 | POC Details |
| 43 | CVE-2024-4577 Exploits | https://github.com/cybersagor/CVE-2024-4577 | POC Details |
| 44 | PoC - PHP CGI Argument Injection CVE-2024-4577 (Scanner and Exploitation) | https://github.com/l0n3m4n/CVE-2024-4577-RCE | POC Details |
| 45 | ATTACK PoC - PHP CVE-2024-4577 | https://github.com/bibo318/CVE-2024-4577-RCE-ATTACK | POC Details |
| 46 | Automated PHP remote code execution scanner for CVE-2024-4577 | https://github.com/waived/CVE-2024-4577-PHP-RCE | POC Details |
| 47 | PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC | https://github.com/PizzaboiBestLegits/CVE-2024-4577 | POC Details |
| 48 | CVE | https://github.com/nNoSuger/CVE-2024-4577 | POC Details |
| 49 | None | https://github.com/a-roshbaik/CVE-2024-4577 | POC Details |
| 50 | None | https://github.com/a-roshbaik/CVE-2024-4577-PHP-RCE | POC Details |
| 51 | 批量验证POC和EXP | https://github.com/Jcccccx/CVE-2024-4577 | POC Details |
| 52 | None | https://github.com/ManuelKy08/CVE-2024-4577---RR | POC Details |
| 53 | CVE-2024-4577 Exploits | https://github.com/bughuntar/CVE-2024-4577 | POC Details |
| 54 | PHP CGI Argument Injection (CVE-2024-4577) RCE | https://github.com/fa-rrel/CVE-2024-4577-RCE | POC Details |
| 55 | CVE-2024-4577 | https://github.com/aaddmin1122345/cve-2024-4577 | POC Details |
| 56 | Scanning CVE-2024-4577 vulnerability with a url list. | https://github.com/ywChen-NTUST/PHP-CGI-RCE-Scanner | POC Details |
| 57 | 🚨 New Incident Report Completed! 🚨 Just wrapped up "Event ID 268: SOC292 - Possible PHP Injection Detected (CVE-2024-4577)" on LetsDefend.io. This analysis involved investigating an attempted Command Injection targeting our PHP server. Staying ahead of these threats with continuous monitoring and swift containment! 🛡️ | https://github.com/AhmedMansour93/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577- | POC Details |
| 58 | None | https://github.com/phirojshah/CVE-2024-4577 | POC Details |
| 59 | A Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI. | https://github.com/JeninSutradhar/CVE-2024-4577-checker | POC Details |
| 60 | This is an Incident Response Walkthrough: Mitigating a Zero-Day Attack (CVE-2024-4577) | https://github.com/PhinehasNarh/CVE-2024-4577-LetsDefend-walkthrough | POC Details |
| 61 | None | https://github.com/longhoangth18/CVE-2024-4577 | POC Details |
| 62 | None | https://github.com/0xbd2/CVE-2024-4577 | POC Details |
| 63 | None | https://github.com/ahmetramazank/CVE-2024-4577 | POC Details |
| 64 | CVE-2024-4577 RCE PoC | https://github.com/BTtea/CVE-2024-4577-RCE-PoC | POC Details |
| 65 | PHP CGI Argument Injection (CVE-2024-4577) RCE | https://github.com/gh-ost00/CVE-2024-4577-RCE | POC Details |
| 66 | CVE-2024-4577 POC | https://github.com/Dejavu666/CVE-2024-4577 | POC Details |
| 67 | php-cgi-cve-2024-4577 | https://github.com/chihyeonwon/php-cgi-cve-2024-4577 | POC Details |
| 68 | None | https://github.com/Didarul342/CVE-2024-4577 | POC Details |
| 69 | 一個測試CVE-2024-4577和CVE-2024-8926的安全滲透工具 | https://github.com/Night-have-dreams/php-cgi-Injector | POC Details |
| 70 | php-cgi-cve-2024-4577 | https://github.com/mr-won/php-cgi-cve-2024-4577 | POC Details |
| 71 | None | https://github.com/mistakes1337/CVE-2024-4577 | POC Details |
| 72 | PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam | https://github.com/creamylegum/CVE-2024-4577-PHP-RCE | POC Details |
| 73 | PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam | https://github.com/fabulouscounc/CVE-2024-4577-PHP-RCE | POC Details |
| 74 | PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam | https://github.com/deadlybangle/CVE-2024-4577-PHP-RCE | POC Details |
| 75 | PHP CGI - Argument Injection (CVE-2024-4577) is a critical argument injection flaw in PHP. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-4577.yaml | POC Details |
| 76 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E5%BC%80%E5%8F%91%E8%AF%AD%E8%A8%80%E6%BC%8F%E6%B4%9E/PHP%20CGI%20Windows%20%E5%B9%B3%E5%8F%B0%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2024-4577.md | POC Details |
| 77 | php-cgi-cve-2024-4577 | https://github.com/user20252228/php-cgi-cve-2024-4577 | POC Details |
| 78 | Automated PHP remote code execution scanner for CVE-2024-4577 | https://github.com/gmh5225/CVE-2024-4577-PHP-RCE | POC Details |
| 79 | php-cgi-cve-2024-4577 | https://github.com/tpdlshdmlrkfmcla/php-cgi-cve-2024-4577 | POC Details |
| 80 | PHP CGI Parameter Injection Vulnerability (RCE: Remote Code Execution) | https://github.com/Gill-Singh-A/CVE-2024-4577-Exploit | POC Details |
| 81 | 使用PowsrShell掃描CVE-2024-4577 | https://github.com/tntrock/CVE-2024-4577_PowerShell | POC Details |
| 82 | None | https://github.com/KimJuhyeong95/cve-2024-4577 | POC Details |
| 83 | CVE-2024-4577.py | https://github.com/ibrahmsql/CVE-2024-4577 | POC Details |
| 84 | Exploit (C) CVE-2024-4577 on PHP CGI | https://github.com/byteReaper77/CVE-2024-4577 | POC Details |
| 85 | None | https://github.com/r0otk3r/CVE-2024-4577 | POC Details |
| 86 | Delivering PHP RCE (CVE-2024-4577) to the Local Network Servers | https://github.com/ZeroMemoryEx/PHP-CGI-INTERNAL-RCE | POC Details |
| 87 | Exploit for php-cgi | https://github.com/Skycritch/CVE-2024-4577 | POC Details |
| 88 | CVE-2024-4577 Mass Scanner & Exploit Tool | https://github.com/CirqueiraDev/MassExploit-CVE-2024-4577 | POC Details |
| 89 | CVE-2024-4577 | https://github.com/Ra1n-60W/CVE-2024-4577 | POC Details |
| 90 | None | https://github.com/xAL6/cve-2024-4577-scanner | POC Details |
| 91 | None | https://github.com/Ianthinus/CVE-2024-4577 | POC Details |
| 92 | A PHP CGI Vulnerability Scanner for CVE-2024-4577 | https://github.com/InfoSec-DB/PHPCGIScanner | POC Details |
| 93 | None | https://github.com/a1ex-var1amov/ctf-cve-2024-4577 | POC Details |
| 94 | Delivering PHP RCE (CVE-2024-4577) to the Local Network Servers | https://github.com/mananjain61/PHP-CGI-INTERNAL-RCE | POC Details |
| 95 | None | https://github.com/wilss0n/CVE-2024-4577 | POC Details |
| 96 | None | https://github.com/eagerapps/CVE-2024-4577 | POC Details |
| 97 | None | https://github.com/0XFFFF-XD/CVE-2024-4577-PHP-CGI-RCE | POC Details |
| 98 | CVE-2024-4577 | https://github.com/aavamin/cve-2024-4577 | POC Details |
| 99 | None | https://github.com/pararam-org/CVE-2024-4577 | POC Details |
| 100 | None | https://github.com/graphite-org/CVE-2024-4577 | POC Details |
| 101 | CVE-2024-4577 PHP CGI Argument Injection - Detection Lab with Vagrant VMs and Wazuh SIEM rules | https://github.com/rayngnpc/CVE-2024-4577-rayng | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-4577
请登录查看更多情报信息。
Same Patch Batch · PHP Group · 2024-06-09 · 4 CVEs total
| CVE-2024-5585 | 7.7 HIGH | Command injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fi |
| CVE-2024-5458 | 5.3 MEDIUM | Filter bypass in filter_var (FILTER_VALIDATE_URL) |
| CVE-2024-2408 | PHP is vulnerable to the Marvin Attack |
IV. Related Vulnerabilities
Same product: PHP
Same vendor: PHP Group
Same weakness: CWE-78
- CVE-2026-8273
D-Link DNS-320 system_mgr.cgi cgi_merge_user os command inje - CVE-2026-8272
D-Link DNS-320 webfile_mgr.cgi chown os command injection - CVE-2026-8271
D-Link DNS-320 network_mgr.cgi cgi_upnp_edit os command inje - CVE-2026-8265
Tenda AC6 httpd getLogFile get_log_file os command injection - CVE-2026-8264
Tenda AC6 httpd WifiApScan formWifiApScan os command injecti
V. Comments for CVE-2024-4577
No comments yet