PT-2012-1212 · Php +4 · Php +4

Nielsdos

Published

2012-05-07

Updated

2025-09-28

CVE-2012-1823

CVSS v2.0

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

**Name of the Vulnerable Software and Affected Versions**

PHP versions prior to 5.3.12

PHP versions 5.4.x prior to 5.4.2

**Description**

The issue arises from insufficient input validation in the sapi/cgi/cgi main.c component of the PHP interpreter. This allows remote attackers to execute arbitrary code by placing command-line options in the query string, specifically when the query string lacks an equals sign character. The vulnerability is related to the lack of skipping a certain php getopt for the 'd' case.

**Recommendations**

For PHP versions prior to 5.3.12, update to version 5.3.12 or later.

For PHP versions 5.4.x prior to 5.4.2, update to version 5.4.2 or later.

As a temporary workaround, consider restricting access to the CGI script to minimize the risk of exploitation.

Exploit

Fix

RCE

Command Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-77CWE-89

Related Identifiers

APACHEPHPCGI3DRCECHECK

APACHEPHPCGIRCECHECK

BDU:2021-04416

BDU:2022-02622

BDU:2022-02625

CESA-2012_0546

CVE-2012-1823

DSA-2465-1

ELSA-2012-0546

HPSBUX02791

OPENSUSE-SU-2012_0590-1

OPENSUSE-SU-2024:10290-1

OPENSUSE-SU-2024:10344-1

OPENSUSE-SU-2024:11169-1

RHSA-2012:0546

RHSA-2012:0547

RHSA-2012:0568

RHSA-2012:0569

RHSA-2012:0570

RHSA-2012_0546

RHSA-2012_0547

RHSA-2012_0568

Affected Products

Centos

Hp-Ux

Php

Red Hat

Suse

PT-2012-1212 · Php +4 · Php +4

Weakness Enumeration

Related Identifiers

Affected Products

References · 229