CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2012-1823

CVSS 9.8v3.1pub. 2012-05-11upd. 2026-04-21

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Apple Mac Os X

    OS
    Apple
    10.8.0 – 10.8.2 (bez)10.6.8 – 10.7.5 (bez)
  • Debian

    OS
    Debian
    6.0
  • Fedora Project Fedora

    OS
    Fedoraproject
    3940
  • HP Ux

    OS
    Hp
    b.11.23b.11.31
  • Opensuse

    OS
    Opensuse
    11.412.1
  • PHP

    APP
    Php
    < 5.3.125.4.0 – 5.4.2 (bez)
  • Red Hat Application Stack

    APP
    Redhat
    2.0
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    6.0
  • Red Hat Enterprise Linux Eus

    OS
    Redhat
    5.66.16.2
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    5.06.0
  • Red Hat Enterprise Linux Server Aus

    OS
    Redhat
    5.35.6
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    5.06.0
  • Red Hat Gluster Storage Server For On Premise

    APP
    Redhat
    2.0
  • Red Hat Storage

    APP
    Redhat
    2.0
  • Red Hat Storage For Public Cloud

    APP
    Redhat
    2.0
  • SUSE Linux Enterprise Server

    OS
    Suse
    1011
  • SUSE Linux Enterprise Software Development Kit

    OS
    Suse
    1011

CISA KEV — detailsi

Vendori
PHP
Producti
PHP
Added to KEVi
March 25, 2022
Remediation deadline (US Federal)i
April 15, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 15 kwietnia 2022
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2026-24061CRITICAL9.8⚠ KEVPL ✓ten sam produkt

GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-49113CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE przez deserializację PHP w Roundcube Webmail (parametr _from)

CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)

CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki