Select Page

If you’re running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely.

The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the wild and could be exploited easily as a proof-of-concept (PoC) exploit for the flaw has already been released publicly.

PHP-FPM is an alternative PHP FastCGI implementation that offers advanced and highly-efficient processing for scripts written in PHP programming language.

The main vulnerability is an “env_path_info” underflow memory corruption issue in the PHP-FPM module, and chaining it together with other issues could allow attackers to remotely execute arbitrary code on vulnerable web servers.

images from Hacker News