CVE-2024-4577 - Critical PHP-CGI Argument Injection Vulnerability


Date: Jun 17, 2024
Time: 2:30 pm NZST

A critical security advisory has been released relating to a PHP vulnerability that bypasses protections using specific character sequences and can execute arbitrary code through an argument injection attack. Several sources have also publicly disclosed the availability of exploit code.

We can confirm that the RedShield service has protections in place that prevent exploitation of this vulnerability.

RedShield continuously monitors a range of sources for notifications of this type and, for highly rated findings, takes proactive steps to address them. If you have questions relating to this, or any other vulnerability, please raise a request with our team using

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request