Get a Pentest and security assessment of your IT network.

Cyber Security

PHP Bug Allows Remote Code-Execution on NGINX Servers

The bug (CVE-2019-11043) exists in the FastCGI directive used in some PHP implementations on NGINX servers. The issue is patched in PHP versions 7.3.11, 7.2.24 and 7.1.33, which were released last week. The bug can be exploited by sending specially crafted packets to the server by using the fastcgi_split_path directive and a regexp trick with newlines. Without patching, this issue can be a dangerous entry point into web applications.

Source: https://threatpost.com/php-bug-rce-nginx-servers/149593/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation