Year-Old PHP Vulnerability Is One of the Most Targeted Vulnerabilities
CVE-2017-9841, a critical remote code execution vulnerability in PHPUnit, remains one of the most targeted vulnerabilities nearly six years after its disclosure. Recent data shows over 80,000 exploitation attempts in just 30 days, indicating a sustained campaign by attackers. The vulnerability arises from a testing utility that was inadvertently left accessible in production environments, allowing for easy exploitation.
- ▪CVE-2017-9841 has a CVSS score of 9.8, indicating its critical nature.
- ▪In the last 30 days, there have been over 80,000 exploitation attempts detected.
- ▪The vulnerability allows attackers to execute PHP code on the server without authentication.
Opening excerpt (first ~120 words) tap to expand
CVE: CVE-2017-9841 | CVSS: 9.8 Critical | EPSS: 94.2% (99.9th percentile)Some vulnerabilities get patched, forgotten, and fade into the historical record. CVE-2017-9841 is not one of them.Nearly a decade after PHPUnit's eval-stdin.php file was identified as a trivially exploitable remote code execution vector, VulnCheck Canary data shows the vulnerability is one of the most actively targeted in our systems, with over 80,000 exploitation attempts detected in the last 30 days across our global Canaries network, and more than 36,500 hits in just the last 10 days. Attackers haven't moved on.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at VulnCheck.
Discussion
0 commentsMore from VulnCheck
