Security News > 2025 > March > Critical PHP RCE vulnerability mass exploited in new attacks

Critical PHP RCE vulnerability mass exploited in new attacks

2025-03-11 14:26

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. [...]

News URL

https://www.bleepingcomputer.com/news/security/critical-php-rce-vulnerability-mass-exploited-in-new-attacks/

#attack #critical #PHP #RCE #vulnerability

Related news

Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors (source)
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
Lightning AI Studio Vulnerability Could've Allowed RCE via Hidden URL Parameter (source)
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
PHP		9	1	43	115	124	283

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.