This issue was found in Pingkon PHP. It has been rated as moderate. It may be exploited by hackers to cause a denial-of-service. This vulnerability can be exploited by posting a specially crafted request to a PHP script. The request must contain specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote. The vulnerability has been confirmed to be exploited by hackers. It may be exploited by remote attackers directly. There are probably no mitigations against this issue. This issue is confirmed to be exploited in the wild. It may lead to the execution of arbitrary code. It is highly likely that it will be exploited in the future as well.

Vulnerability Overview: CVE-2022-3972

This issue was found in PHP and it has been rated as moderate. It may be exploited by hackers to cause a denial-of-service. This vulnerability can be exploited by posting a specially crafted request to a PHP script. The request must contain specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote. The vulnerability has been confirmed to be exploited in the wild. It may lead to the execution of arbitrary code. It is highly likely that it will be exploited in the future as well.

Vulnerability overview

A vulnerability has been found in Pingkon PHP. The vulnerability is a remote code execution flaw. It may be exploited by hackers to cause a denial-of-service. This vulnerability can be exploited by posting a specially crafted request to a PHP script that contains specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote, and the vulnerable application has been confirmed to be exploited in the wild, so this issue will likely be exploited again in the future as well.

Vulnerability Introduction and Technical Description

Pingkon PHP was vulnerable to a denial-of-service attack. This vulnerability could be exploited by posting a specially crafted request to a PHP script. The request must contain specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote. The vulnerability has been confirmed to be exploited in the wild. It may be exploited by remote attackers directly. There are probably no mitigations against this issue. This issue is confirmed to be exploited in the wild. It may lead to the execution of arbitrary code. It is highly likely that it will be exploited in the future as well.

Timeline

Published on: 11/13/2022 10:15:00 UTC
Last modified on: 11/17/2022 20:30:00 UTC

References