Lucene search
GoogleOSV:GHSA-XJP4-6W75-QRJ7HistoryMar 01, 2022 - 9:44 p.m.
Remote CLI Command Execution Vulnerability in CodeIgniter4
2022-03-0121:44:13
Google
osv.dev
28
0.002 Low
EPSS
Percentile
57.3%
Impact
This vulnerability allows attackers to execute CLI routes via HTTP request.
Patches
Upgrade to v4.1.9 or later.
Workarounds
None.
For more information
If you have any questions or comments about this advisory:
- Open an issue in codeigniter4/CodeIgniter4
- Email us at SECURITY.md
References
github.com/codeigniter4/CodeIgniter4
github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781
github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7
github.com/FriendsOfPHP/security-advisories/blob/master/codeigniter4/framework/CVE-2022-24711.yaml
nvd.nist.gov/vuln/detail/CVE-2022-24711
Related
cvelist
cvelist
CVE-2022-24711 Remote CLI Command Execution Vulnerability in CodeIgniter4
2022-02-28 15:45:11
github
github
Remote CLI Command Execution Vulnerability in CodeIgniter4
2022-03-01 21:44:13
nvd
nvd
CVE-2022-24711
2022-02-28 16:15:07
veracode
veracode
Remote Code Execution (RCE)
2022-03-02 06:23:57
osv
osv
CVE-2022-24711
2022-02-28 16:15:07
BIT-codeigniter-2022-24711
2024-03-06 10:54:08
cve
cve
CVE-2022-24711
2022-02-28 16:15:07
friendsofphp
friendsofphp
CVE-2022-24711: Remote CLI Command Execution Vulnerability in CodeIgniter4
2022-02-26 00:51:52
prion
prion
Input validation
2022-02-28 16:15:00