PHP RCE flaw actively exploited to pop NGINX servers

28 October 2019

A recently patched vulnerability (CVE-2019-11043) in PHP is being actively exploited by attackers to compromise NGINX web servers, threat intelligence firm Bad Packets has confirmed. For a successful exploitation, target servers must have the PHP-FPM (FastCGI Process Manager) feature enabled, but that combination is not as uncommon as initially believed.

Read full article on Help Net Security

Date:

28 October 2019

Categorie(s):

NEWS

Tag(s):

Nginx, Open Source, Open Source Software, PoC, Security Pro

Streamlining Patch Deployment2 May 2024
The future of fintech innovation will be a constant dance between progress and security: AND Global2 May 2024
Securing your organization’s supply chain: Reducing the risks of third parties2 May 2024
Understanding emerging AI and data privacy regulations2 May 2024
reNgine: Open-source automated reconnaissance framework for web applications2 May 2024