PT-2025-10597 · Undefined · Undefined
Published 2025-03-10 · Updated 2025-03-11 · CVE-2024-457
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
#ParsedReport #CompletenessMedium
10-03-2025
GreyNoise Detects Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577), Signaling Broad Campaign
Report completeness: Medium
Threats:
Cobalt Strike
Taowu tool
Victims:
Japanese organizations
Geo:
Germany, China, Japanese, Spain, India, Singapore, Japan, Indonesia
CVEs:
CVE-2024-4577 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- php (<8.1.29, <8.2.20, <8.3.8)
ChatGPT TTPs:
do not use without manual check
T1190, T1059.001, T1105
IOCs:
Hash: 1
Url: 1
IP: 2
Soft:
Internet Explorer, Slack
Algorithms:
md5
Languages:
powershell
Related Identifiers
Affected Products
Undefined