nvd-json-data-feeds/CVE-2024/CVE-2024-45xx/CVE-2024-4577.json

{
  "id": "CVE-2024-4577",
  "sourceIdentifier": "security@php.net",
  "published": "2024-06-09T20:15:09.550",
  "lastModified": "2025-03-28T15:12:44.513",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In PHP versions\u00a08.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"Best-Fit\" behavior to replace characters in command line given to\u00a0Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc."
    },
    {
      "lang": "es",
      "value": "En las versiones de PHP 8.1.* anteriores a 8.1.29, 8.2.* anteriores a 8.2.20, 8.3.* anteriores a 8.3.8, cuando se usa Apache y PHP-CGI en Windows, si el sistema est\u00e1 configurado para usar ciertas p\u00e1ginas de c\u00f3digos, Windows puede utilizar el comportamiento \"Mejor ajuste\" para reemplazar caracteres en la l\u00ednea de comando proporcionada a las funciones de la API de Win32. El m\u00f3dulo PHP CGI puede malinterpretar esos caracteres como opciones de PHP, lo que puede permitir a un usuario malintencionado pasar opciones al binario PHP que se est\u00e1 ejecutando y, por lo tanto, revelar el c\u00f3digo fuente de los scripts, ejecutar c\u00f3digo PHP arbitrario en el servidor, etc."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security@php.net",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      },
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ]
  },
  "cisaExploitAdd": "2024-06-12",
  "cisaActionDue": "2024-07-03",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "PHP-CGI OS Command Injection Vulnerability",
  "weaknesses": [
    {
      "source": "security@php.net",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    },
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "8.1.0",
              "versionEndExcluding": "8.1.29",
              "matchCriteriaId": "7DC2EEF8-834B-42A1-8DA3-0C2CF22A7070"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "8.2.0",
              "versionEndExcluding": "8.2.20",
              "matchCriteriaId": "A39988FF-D854-4277-9D66-6911AF371DD3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "8.3.0",
              "versionEndExcluding": "8.3.8",
              "matchCriteriaId": "F579FFC1-4F81-4755-B14B-3AA73AC9FF7A"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1",
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Press/Media Coverage",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/11whoami99/CVE-2024-4577",
      "source": "security@php.net",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",
      "source": "security@php.net",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/rapid7/metasploit-framework/pull/19247",
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch"
      ]
    },
    {
      "url": "https://github.com/watchtowrlabs/CVE-2024-4577",
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://isc.sans.edu/diary/30994",
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",
      "source": "security@php.net",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",
      "source": "security@php.net",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20240621-0008/",
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.php.net/ChangeLog-8.php#8.1.29",
      "source": "security@php.net",
      "tags": [
        "Release Notes"
      ]
    },
    {
      "url": "https://www.php.net/ChangeLog-8.php#8.2.20",
      "source": "security@php.net",
      "tags": [
        "Release Notes"
      ]
    },
    {
      "url": "https://www.php.net/ChangeLog-8.php#8.3.8",
      "source": "security@php.net",
      "tags": [
        "Release Notes"
      ]
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Press/Media Coverage",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://blog.talosintelligence.com/new-persistent-attacks-japan/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/11whoami99/CVE-2024-4577",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/rapid7/metasploit-framework/pull/19247",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch"
      ]
    },
    {
      "url": "https://github.com/watchtowrlabs/CVE-2024-4577",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://isc.sans.edu/diary/30994",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20240621-0008/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.php.net/ChangeLog-8.php#8.1.29",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ]
    },
    {
      "url": "https://www.php.net/ChangeLog-8.php#8.2.20",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ]
    },
    {
      "url": "https://www.php.net/ChangeLog-8.php#8.3.8",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ]
    },
    {
      "url": "https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`{`
			`"id": "CVE-2024-4577",`
			`"sourceIdentifier": "security@php.net",`
			`"published": "2024-06-09T20:15:09.550",`
Auto-Update: 2025-03-28T17:00:21.191410+00:00 2025-03-28 17:03:52 +00:00			`"lastModified": "2025-03-28T15:12:44.513",`
Auto-Update: 2025-03-21T21:00:20.067217+00:00 2025-03-21 21:03:50 +00:00			`"vulnStatus": "Analyzed",`
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`"cveTags": [],`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "In PHP versions\u00a08.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"Best-Fit\" behavior to replace characters in command line given to\u00a0Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc."
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`},`
			`{`
			`"lang": "es",`
			"value": "En las versiones de PHP 8.1.* anteriores a 8.1.29, 8.2.* anteriores a 8.2.20, 8.3.* anteriores a 8.3.8, cuando se usa Apache y PHP-CGI en Windows, si el sistema est\u00e1 configurado para usar ciertas p\u00e1ginas de c\u00f3digos, Windows puede utilizar el comportamiento \"Mejor ajuste\" para reemplazar caracteres en la l\u00ednea de comando proporcionada a las funciones de la API de Win32. El m\u00f3dulo PHP CGI puede malinterpretar esos caracteres como opciones de PHP, lo que puede permitir a un usuario malintencionado pasar opciones al binario PHP que se est\u00e1 ejecutando y, por lo tanto, revelar el c\u00f3digo fuente de los scripts, ejecutar c\u00f3digo PHP arbitrario en el servidor, etc."
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "security@php.net",`
			`"type": "Secondary",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"baseScore": 9.8,`
			`"baseSeverity": "CRITICAL",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "HIGH"`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 5.9`
			`},`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"baseScore": 9.8,`
			`"baseSeverity": "CRITICAL",`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "HIGH"`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"cisaExploitAdd": "2024-06-12",`
			`"cisaActionDue": "2024-07-03",`
			`"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",`
			`"cisaVulnerabilityName": "PHP-CGI OS Command Injection Vulnerability",`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`"weaknesses": [`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "security@php.net",`
			`"type": "Secondary",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-78"`
			`}`
			`]`
			`},`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-78"`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"configurations": [`
			`{`
Auto-Update: 2025-03-28T17:00:21.191410+00:00 2025-03-28 17:03:52 +00:00			`"operator": "AND",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:php:php::::::::",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"versionStartIncluding": "8.1.0",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"versionEndExcluding": "8.1.29",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"matchCriteriaId": "7DC2EEF8-834B-42A1-8DA3-0C2CF22A7070"`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:php:php::::::::",`
			`"versionStartIncluding": "8.2.0",`
			`"versionEndExcluding": "8.2.20",`
			`"matchCriteriaId": "A39988FF-D854-4277-9D66-6911AF371DD3"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:php:php::::::::",`
			`"versionStartIncluding": "8.3.0",`
			`"versionEndExcluding": "8.3.8",`
			`"matchCriteriaId": "F579FFC1-4F81-4755-B14B-3AA73AC9FF7A"`
			`}`
			`]`
Auto-Update: 2025-03-28T17:00:21.191410+00:00 2025-03-28 17:03:52 +00:00			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:o:microsoft:windows:-:::::::*",`
			`"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"`
			`}`
			`]`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`}`
			`]`
Auto-Update: 2024-06-21T12:00:19.528794+00:00 2024-06-21 12:03:14 +00:00			`},`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:fedoraproject:fedora:39:::::::*",`
			`"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:fedoraproject:fedora:40:::::::*",`
			`"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"`
			`}`
			`]`
			`}`
			`]`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`}`
			`],`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`"references": [`
Auto-Update: 2024-06-10T18:00:18.698264+00:00 2024-06-10 18:03:10 +00:00			`{`
			`"url": "http://www.openwall.com/lists/oss-security/2024/06/07/1",`
Auto-Update: 2024-06-21T12:00:19.528794+00:00 2024-06-21 12:03:14 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Mailing List",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Third Party Advisory"`
Auto-Update: 2024-06-21T12:00:19.528794+00:00 2024-06-21 12:03:14 +00:00			`]`
Auto-Update: 2024-06-10T18:00:18.698264+00:00 2024-06-10 18:03:10 +00:00			`},`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`{`
			`"url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Exploit",`
Auto-Update: 2024-08-14T20:00:17.934585+00:00 2024-08-14 20:03:14 +00:00			`"Press/Media Coverage",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",`
			`"source": "security@php.net",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://github.com/11whoami99/CVE-2024-4577",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Exploit"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`{`
			`"url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
Auto-Update: 2025-03-14T03:00:20.055175+00:00 2025-03-14 03:03:51 +00:00			`"Broken Link",`
			`"Exploit",`
			`"Third Party Advisory"`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://github.com/rapid7/metasploit-framework/pull/19247",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
Auto-Update: 2024-08-14T20:00:17.934585+00:00 2024-08-14 20:03:14 +00:00			`"Exploit",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Issue Tracking",`
			`"Patch"`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://github.com/watchtowrlabs/CVE-2024-4577",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://isc.sans.edu/diary/30994",`
			`"source": "security@php.net",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
Auto-Update: 2024-06-12T04:00:20.184224+00:00 2024-06-12 04:03:12 +00:00			`{`
			`"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",`
Auto-Update: 2024-06-21T12:00:19.528794+00:00 2024-06-21 12:03:14 +00:00			`"source": "security@php.net",`
			`"tags": [`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Mailing List"`
Auto-Update: 2024-06-21T12:00:19.528794+00:00 2024-06-21 12:03:14 +00:00			`]`
Auto-Update: 2024-06-12T04:00:20.184224+00:00 2024-06-12 04:03:12 +00:00			`},`
Auto-Update: 2024-06-13T06:00:18.885652+00:00 2024-06-13 06:03:10 +00:00			`{`
			`"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",`
Auto-Update: 2024-06-21T12:00:19.528794+00:00 2024-06-21 12:03:14 +00:00			`"source": "security@php.net",`
			`"tags": [`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Mailing List"`
Auto-Update: 2024-06-21T12:00:19.528794+00:00 2024-06-21 12:03:14 +00:00			`]`
Auto-Update: 2024-06-13T06:00:18.885652+00:00 2024-06-13 06:03:10 +00:00			`},`
Auto-Update: 2024-06-21T20:00:19.836711+00:00 2024-06-21 20:03:11 +00:00			`{`
			`"url": "https://security.netapp.com/advisory/ntap-20240621-0008/",`
Auto-Update: 2024-08-14T20:00:17.934585+00:00 2024-08-14 20:03:14 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-21T20:00:19.836711+00:00 2024-06-21 20:03:11 +00:00			`},`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`{`
			`"url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://www.php.net/ChangeLog-8.php#8.1.29",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Release Notes"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://www.php.net/ChangeLog-8.php#8.2.20",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Release Notes"`
			`]`
Auto-Update: 2024-06-10T04:00:25.154298+00:00 2024-06-10 04:03:18 +00:00			`},`
			`{`
			`"url": "https://www.php.net/ChangeLog-8.php#8.3.8",`
Auto-Update: 2024-06-10T14:00:49.285568+00:00 2024-06-10 14:03:42 +00:00			`"source": "security@php.net",`
			`"tags": [`
			`"Release Notes"`
			`]`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`},`
			`{`
			`"url": "http://www.openwall.com/lists/oss-security/2024/06/07/1",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Mailing List",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Third Party Advisory"`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`]`
			`},`
			`{`
			`"url": "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Press/Media Coverage",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
Auto-Update: 2025-03-14T03:00:20.055175+00:00 2025-03-14 03:03:51 +00:00			`{`
			`"url": "https://blog.talosintelligence.com/new-persistent-attacks-japan/",`
Auto-Update: 2025-03-21T21:00:20.067217+00:00 2025-03-21 21:03:50 +00:00			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2025-03-14T03:00:20.055175+00:00 2025-03-14 03:03:51 +00:00			`},`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`{`
			`"url": "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://github.com/11whoami99/CVE-2024-4577",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit"`
			`]`
			`},`
			`{`
			`"url": "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
Auto-Update: 2025-03-14T03:00:20.055175+00:00 2025-03-14 03:03:51 +00:00			`"Broken Link",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Exploit",`
			`"Third Party Advisory"`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`]`
			`},`
			`{`
			`"url": "https://github.com/rapid7/metasploit-framework/pull/19247",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Issue Tracking",`
			`"Patch"`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`]`
			`},`
			`{`
			`"url": "https://github.com/watchtowrlabs/CVE-2024-4577",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://isc.sans.edu/diary/30994",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Mailing List"`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`]`
			`},`
			`{`
			`"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"Mailing List"`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`]`
			`},`
			`{`
			`"url": "https://security.netapp.com/advisory/ntap-20240621-0008/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://www.php.net/ChangeLog-8.php#8.1.29",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Release Notes"`
			`]`
			`},`
			`{`
			`"url": "https://www.php.net/ChangeLog-8.php#8.2.20",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Release Notes"`
			`]`
			`},`
			`{`
			`"url": "https://www.php.net/ChangeLog-8.php#8.3.8",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Release Notes"`
			`]`
			`},`
			`{`
			`"url": "https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`},`
			`{`
			`"url": "https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577",`
Auto-Update: 2024-12-20T19:00:21.539113+00:00 2024-12-20 19:03:44 +00:00			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-06-09T22:00:18.564942+00:00 2024-06-09 22:03:12 +00:00			`}`
			`]`
			`}`