CVE-2017-9841
PUBLISHED
KEV
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
Risk Scores
- EPSS Score: 94.21% (99.9th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | phpunit | 0, 4.7.6-1, 4.8.16-1 |
Exploit Intelligence
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
…and 1115 more exploits
Timeline
- CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Oct 27, 2021 PoC Published
- Dec 27, 2021 EPSS Score
- Feb 2, 2022 PoC Published
- Feb 4, 2022 EPSS Score
- Feb 15, 2022 CISA KEV Added
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-9841 third-party-advisory
- http://phpunit.vulnbusters.com/ third-party-advisory
- https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5 third-party-advisory
- https://github.com/sebastianbergmann/phpunit/pull/1956 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-9841 third-party-advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog third-party-advisory
- https://ubuntu.com/security/notices/USN-7171-1 vendor-advisory