There was a problem loading the comments.

Security Advisory CVE-2024-4577: PHP CGI Argument Injection Vulnerability

Support Portal  »  Announcements  »  Viewing Article

  Print

A critical remote code execution vulnerability affects older PHP versions prior to 8.3.8, 8.2.20, and 8.1.29 configured in CGI mode has been reported.  Although FileCloud does not use PHP-CGI, the module is included in the installation package, which exposes FileCloud to the vulnerability. 

 

Affected Versions

Windows FileCloud installations of 22.1 through 23.232.1.

 

For the full article and how to patch this, please see the advisory on the link below.

Advisory 2024-06/01 PHP CGI Argument Injection Vulnerability - FileCloud Docs - Server


Share via

Related Articles


Self-Hosted Help Desk Software by SupportPal
© FileCloud