|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-07-30 | |
| Rule Name: | PHPStudy Code Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Phpstudy is a free program integration package for PHP debugging environment. Backdoors exist in versions of Phpstudy on some non-official download sites that can cause remote code execution. The PhpStudy backdoor code exists in the extphp_xmlrpc.dll module, as long as php successfully loads the backdoor file, the attacker only needs to construct the request header corresponding to the backdoor to trigger the backdoor and execute arbitrary system commands. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |