mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.5 KiB
1.5 KiB
CVE-2023-3824
Description
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
POC
Reference
Github
- https://github.com/IamdLite/lockbit-message-fbi
- https://github.com/NewLockBit/CVE-2023-3824-PHP-to-RCE
- https://github.com/NewLockBit/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK
- https://github.com/NewLockBit/CVE-2023-3824-PHP-to-RCE-National-Crime-AgencyLEAK
- https://github.com/NewLockBit/Research-of-CVE-2023-3824-NCA-Lockbit
- https://github.com/Nfttkcauzy/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK
- https://github.com/Nuki2u/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK
- https://github.com/StayBeautiful-collab/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/jhonnybonny/CVE-2023-3824
- https://github.com/nomi-sec/PoC-in-GitHub