The vulnerability tracked as CVE-2024-4577 allows an attacker to perform code injection on a Windows server that runs a PHP service.
The following versions are impacted:
- 8.1.x before 8.1.29
- 8.2.x before 8.2.20
- 8.3.x before 8.3.8
- 5.x to 8.0.x (outdated versions)
Stormshield Network Security (SNS) appliance protects you from that attack, thanks to default IPS protection. To work efficiently, the SSL proxy must be enabled.
| ID | Name |
| http:82 | Bad UTF-8 encoding in URL |