CVE Catalog

CVE-2024-54724

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.58%

44th percentile - higher than 44% of all known CVEs

Summary

PHPYun before version 7.0.2 is vulnerable to remote code execution through backdoor-restricted arbitrary file writing and file inclusion.

Risk Assessment

An attacker can exploit this vulnerability to inject malicious code and take over the server, leading to data confidentiality and integrity breaches.

Recommendation

Immediately update PHPYun to version 7.0.2 or later and scan the system for unauthorized files.

Original NVD description (English source)

PHPYun before 7.0.2 is vulnerable to code execution through backdoor-restricted arbitrary file writing and file inclusion.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS