Security News > 2025 > March > PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
2025-03-07 04:42
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines," Cisco Talos researcher Chetan Raghuprasad said in a technical
News URL
https://thehackernews.com/2025/03/php-cgi-rce-flaw-exploited-in-attacks.html
Related news
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
- Indian tech giant Tata Technologies hit by ransomware attack (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-09 | CVE-2024-4577 | OS Command Injection vulnerability in multiple products In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. | 9.8 |