Hackers exploit a PHP 7 bug to attack web servers remotely

Tram Ho

PHP is a very well-known programming language, used to build content management systems (CMS) such as WordPress and Drupal, and even complex web applications such as Facebook. Because of that, its vulnerabilities are also widely exploited.

A few days ago, Emil "Neex" Lerner, a Russian security expert, disclosed a remote code execution bug in PHP 7.

With this vulnerability, tracked as CVE-2019-11043, an attacker can execute arbitrary code on a remote web server simply by sending a pre-made URL. The attacker just needs to add "?a=" to the website address, along with their payload.

Catalin Cimpanu of ZDNet has pointed out that this bug makes an attack very easy to carry out, so simple that anyone can try it.

Fortunately, this bug only affects servers running the NGINX web server with the PHP-FPM extension. PHP-FPM is an improved version of FastCGI, with a few features designed specifically for high-traffic websites.

Neither component is actually required to use PHP 7, but both are still widely used in commercial products. Cimpanu also pointed out that Nextcloud, a productivity software company currently using PHP 7 with NGINX and PHP-FPM, is warning its users and asking them to update to avoid this bug.

Website owners who cannot update PHP themselves can mitigate the problem by setting a rule in the PHP mod_security firewall. Specific instructions can be found here: Wallarm.
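
An added example, not from the original article or from the PHP or NGINX projects: a small Python check that flags NGINX `location` blocks matching the configuration pattern the public advisory for CVE-2019-11043 describes (a `fastcgi_split_path_info` directive, `PATH_INFO` passed to PHP-FPM, and no file-existence guard such as `try_files ... =404`). The sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample config (not taken from the article): two PHP locations,
# one matching the exposed pattern and one with a file-existence guard.
SAMPLE_CONF = r"""
server {
    listen 80;
    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass 127.0.0.1:9000;
    }
    location ~ ^/app/.+\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        try_files $fastcgi_script_name =404;   # guard: script must exist
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass 127.0.0.1:9000;
    }
}
"""

# A guard is either try_files ending in =404 or an if (-f / !-f / -e) test.
GUARD = re.compile(r"try_files\s[^;]*=404\s*;|if\s*\(\s*!?\s*-[fe]\s")

def location_blocks(conf):
    """Yield (matcher, body) per location block. Braces inside regexes are not handled."""
    conf = re.sub(r"#[^\n]*", "", conf)           # drop comments
    for m in re.finditer(r"\blocation\b([^{;]*)\{", conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:            # walk to the matching brace
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1).strip(), conf[m.end():i - 1]

def audit(conf):
    """Return the matchers of location blocks that fit the exposed pattern."""
    findings = []
    for matcher, body in location_blocks(conf):
        if (re.search(r"\bfastcgi_pass\b", body)
                and re.search(r"\bfastcgi_split_path_info\b", body)
                and re.search(r"\bfastcgi_param\s+PATH_INFO\b", body)
                and not GUARD.search(body)):
            findings.append(matcher)
    return findings

if __name__ == "__main__":
    for matcher in audit(SAMPLE_CONF):
        print("review location:", matcher)
```

A finding means the block is worth reviewing, not that the server is exploitable; the scan reads one file and does not follow `include` directives.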

Source: Thenextweb