Details
Alert ID 20018
Alert Type Active
Status release
Risk High
CWE 20
WASC 20
Technologies Targeted Language / PHP
Tags CVE-2012-1823
CWE-20
OWASP_2017_A09
OWASP_2021_A06
POLICY_QA_FULL
WSTG-V42-INPV-12
More Info Scan Rule Help

Summary

Some PHP versions, when configured to run using CGI, do not correctly handle query strings that lack an unescaped “=” character, enabling arbitrary code execution. In this case, an operating system command was caused to be executed on the web server, and the results were returned to the web browser.

Solution

Upgrade to the latest stable version of PHP, or use the Apache web server and the mod_rewrite module to filter out malicious requests using the "RewriteCond" and "RewriteRule" directives.

Other Info

References

Code

org/zaproxy/zap/extension/ascanrules/RemoteCodeExecutionCve20121823ScanRule.java