Related vulnerability
Title:
PHPUnit security vulnerability
(CVE-2017-9841)
Description: TYPO3 is a free, open-source content management system maintained by the Swiss TYPO3 Association. PHPUnit is a PHP-based testing framework used within it. The Util/PHP/eval-stdin.php file in PHPUnit versions before 4.8.28 and 5.x versions before 5.6.3 contains a security vulnerability. A remote attacker can exploit it to execute arbitrary PHP code by sending HTTP POST data that begins with the string '<?php'.
Description
A PoC exploit for CVE-2017-9841 - PHPUnit Remote Code Execution (RCE)
Introduction
# CVE-2017-9841 - PHPUnit Remote Code Execution (RCE)
This vulnerability affects PHPUnit versions before 4.8.28 and all 5.x versions before 5.6.3. It allows attackers to execute arbitrary PHP code on servers where PHPUnit is exposed. The issue exists in the `eval-stdin.php` file located in PHPUnit's Util/PHP directory. When this file is accessible (typically when the /vendor folder is exposed), attackers can send malicious HTTP POST requests containing PHP code starting with `<?php ` to execute arbitrary commands on the server.
## Impact
- Remote code execution on vulnerable servers
- Full server compromise if PHPUnit is exposed
- Particularly dangerous when /vendor directories are publicly accessible
## Affected Versions
- PHPUnit 4.x before 4.8.28
- PHPUnit 5.x before 5.6.3
## Solution
- Upgrade PHPUnit to version 4.8.28 or 5.6.3 (or later)
- Ensure /vendor directories are not publicly accessible
- Remove or restrict access to eval-stdin.php if upgrade isn't immediately possible
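As an added example that is not part of this PoC repository, the script below takes the defender's side of the issue described above: it flags web-server access-log requests whose path ends in PHPUnit's `Util/PHP/eval-stdin.php` (rating a POST that the server answered 2xx as high severity), and checks whether a given PHPUnit version falls inside the affected ranges. The log lines and the combined-log format are constructed assumptions, not real traffic.

```python
import re

# Constructed sample lines in Apache/nginx "combined" log format; not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 200 512 "-" "curl/7.88.1"
198.51.100.7 - - [10/Oct/2023:13:55:40 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:56:01 +0000] "GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php?x=1 HTTP/1.1" 404 162 "-" "python-requests/2.31"
192.0.2.9 - - [10/Oct/2023:13:57:12 +0000] "POST /typo3/index.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# The script sits in PHPUnit's Util/PHP directory; the prefix before it varies
# with the PHPUnit version and install layout, so anchor on the tail of the path.
EVAL_STDIN_RE = re.compile(r'/Util/PHP/eval-stdin\.php$', re.IGNORECASE)


def classify(method: str, status: int) -> str:
    # A POST answered with 2xx means the script was reachable and accepted a
    # body: treat it as a likely successful code-execution attempt.
    if method == "POST" and 200 <= status < 300:
        return "high"
    return "probe"  # GETs, 404s, etc.: reconnaissance or a blocked attempt


def scan_log(text: str) -> list[dict]:
    """Return one finding per request whose path targets eval-stdin.php."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m["path"].split("?", 1)[0]  # drop any query string first
        if not EVAL_STDIN_RE.search(path):
            continue
        status = int(m["status"])
        findings.append({"ip": m["ip"], "time": m["ts"], "method": m["method"],
                         "path": path, "status": status,
                         "severity": classify(m["method"], status)})
    return findings


def is_affected(version: str) -> bool:
    """Affected per the advisory: releases before 4.8.28 and 5.x before 5.6.3."""
    parts = tuple(int(p) for p in version.split(".")[:3])
    if parts[0] == 5:
        return parts < (5, 6, 3)
    return parts < (4, 8, 28)
```

Run `scan_log` over a real access log to find both successful hits and blocked probes from the same source address; `is_affected` takes the version string from `composer.lock` or `phpunit --version`.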
## References
- [CVE-2017-9841](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9841)
File snapshot
[4.0K] /data/pocs/2b4481b33371f6614b742ca61a430188d70e46ac
├── [3.0K] CVE-2017-9841.go
└── [1.1K] README.md
0 directories, 2 files
Notes
1. It is recommended to access the code through the original source first.
2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
3. 神龙 (Shenlong) has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.