CVE-2024-4577CISA KEV: Actively Exploited

PHP-CGI OS Command Injection Vulnerability

Published Jun 12, 2024·Updated Jun 12, 2024

Description

PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.

Public Exploits & PoCs65 found

PoC: CVE-2024-4577

PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC

11

PoC: CVE-2024-4577-checker

A Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI.

2

PoC: CVE-2024-4577

PHP CGI Argument Injection vulnerability

2

PoC: CVE-2024-4577-PHP-RCE

全球首款利用PHP默认环境的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP

2

PoC: PHP-CGI-INTERNAL-RCE

Delivering PHP RCE (CVE-2024-4577) to the Local Network Servers

1

PoC: CVE-2024-4577

Exploit (C) CVE-2024-4577 on PHP CGI

1

PoC: CVE-2024-4577

Fixed and minimalist PoC of the CVE-2024-4577

1

PoC: CVE-2024-4577

php-cgi RCE快速检测

1

PoC: CVE-2024-4577

Proof Of Concept RCE exploit for critical vulnerability in PHP <8.2.15 (Windows), allowing attackers to execute arbitrary commands.

1

PoC: CVE-2024-4577-nuclei

CVE-2024-4577 nuclei-templates

1

PoC: CVE-2024-4577

POC & $BASH script for CVE-2024-4577

1

PoC: PHP_8.1.x_Exploit

Automated detection & exploitation of critical PHP vulnerabilities (CVE-2024-4577 bypass, CVE-2025-14177, CVE-2025-14180, CVE-2025-14178)

PoC: CVE-2024-4577-rayng

CVE-2024-4577 PHP CGI Argument Injection - Detection Lab with Vagrant VMs and Wazuh SIEM rules

PoC: PHPCGIScanner

A PHP CGI Vulnerability Scanner for CVE-2024-4577

PoC: MassExploit-CVE-2024-4577

CVE-2024-4577 Mass Scanner & Exploit Tool

PoC: CVE-2024-4577

Exploit for php-cgi

PoC: PHP-CGI-INTERNAL-RCE

Delivering PHP RCE (CVE-2024-4577) to the Local Network Servers

PoC: CVE-2024-4577

CVE-2024-4577.py

PoC: CVE-2024-4577-PHP-RCE

PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam

PoC: CVE-2024-4577_PowerShell

使用PowsrShell掃描CVE-2024-4577

PoC: CVE-2024-4577-PHP-RCE

PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam

PoC: CVE-2024-4577-Exploit

PHP CGI Parameter Injection Vulnerability (RCE: Remote Code Execution)

PoC: CVE-2024-4577

PHP CGI CVE-2024-4577 PoC

PoC: CVE-2024-4577-PHP-RCE

PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam

PoC: CVE-2024-4577-PHP-RCE

PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam

PoC: CVE-2024-4577-PHP-RCE

PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam

PoC: php-cgi-Injector

一個測試CVE-2024-4577和CVE-2024-8926的安全滲透工具

PoC: CVE-2024-4577

PHP CGI CVE-2024-4577 PoC

PoC: php-cgi-cve-2024-4577

php-cgi-cve-2024-4577

PoC: CVE-2024-4577

CVE-2024-4577 POC

PoC: CVE-2024-4577-RCE-PoC

CVE-2024-4577 RCE PoC

PoC: Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-

🚨 New Incident Report Completed! 🚨 Just wrapped up "Event ID 268: SOC292 - Possible PHP Injection Detected (CVE-2024-4577)" on LetsDefend.io. This analysis involved investigating an attempted Command Injection targeting our PHP server. Staying ahead of these threats with continuous monitoring and swift containment! 🛡️

PoC: PHP-CGI-RCE-Scanner

Scanning CVE-2024-4577 vulnerability with a url list.

PoC: CVE-2024-4577-RCE

PHP CGI Argument Injection (CVE-2024-4577) RCE

PoC: CVE-2024-4577

CVE-2024-4577 Exploits

PoC: CVE-2024-4577

批量验证POC和EXP

PoC: CVE-2024-4577

CVE

PoC: CVE-2024-4577

PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC

PoC: CVE-2024-4577-PHP-RCE

Automated PHP remote code execution scanner for CVE-2024-4577

PoC: CVE-2024-4577-PHP-RCE

Automated PHP remote code execution scanner for CVE-2024-4577

PoC: CVE-2024-4577-RCE-ATTACK

ATTACK PoC - PHP CVE-2024-4577

PoC: CVE-2024-4577-RCE

PoC - PHP CGI Argument Injection CVE-2024-4577 (Scanner and Exploitation)

PoC: CVE-2024-4577

CVE-2024-4577 Exploits

PoC: CVE-2024-4577

CVE-2024-4577 EXP

PoC: CVE-2024-4577

Create lab for CVE-2024-4577

PoC: CVE-2024-4577

CVE-2024-4577

PoC: CVE-2024-4577-LetsDefend-walkthrough

This is an Incident Response Walkthrough: Mitigating a Zero-Day Attack (CVE-2024-4577)

PoC: CVE-2024-4577

CVE-2024-4577 POC

PoC: CVE-2024-4577

Python script for get reverse shell with using CVE-2024-4577

PoC: CVE-2024-4577

PHP CGI Remote Code Execution (CVE-2024-4577) PoC

PoC: CVE-2024-4577

Argument injection vulnerability in PHP

PoC: CVE-2024-4577_Analysis

Vietnam National Cyber Security (NCS)'s Internship - 2nd Test

PoC: Shodan-CVE-2024-4577

POC for CVE-2024-4577 with Shodan integration

PoC: CVE-2024-4577-POC

CVE-2024-4577

PoC: CVE-2024-4577

This is a PoC for PHP CVE-2024-4577.

PoC: check_cve_2024_4577.sh

Bash script that checks if a PHP CGI setup is vulnerable to the CVE-2024-4577 argument injection vulnerability

PoC: CVE-2024-4577-EXPLOIT

A PoC exploit for CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution (RCE)

PoC: CVE-2024-4577

python poc编写练手,可以对单个目标或批量检测

PoC: CVE-2024-4577-PoC

PoC for CVE-2024-4577 written in bash, go, python and a nuclei template

PoC: CVE-2024-4577

CVE-2024-4577 Exploit POC

PoC: CVE-2024-4577

Nuclei Template for CVE-2024-4577

PoC: CVE-2024-4577

CVE-2024-4577

PoC: CVE-2024-4577

PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC

PoC: CVE-2024-4577

CVE-2024-4577

PoC: CVE-2024-4577

CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free