| Item | Value | |------|-------| | Vulnerability | Remote Code Execution (RCE) | | CVE | CVE-2017-9841 | | Affected File | vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | | Attack Vector | HTTP POST to that file with PHP code in body | | Patch | Remove PHPUnit from production / upgrade to PHPUnit ≥ 7.0 | | Detection | grep -r "eval-stdin" /var/www / web logs for POST to that URI |
git clone https://github.com/sebastianbergmann/phpunit.git vendor phpunit phpunit src util php eval-stdin.php cve
By sending a standard HTTP POST request to this file, an unauthenticated attacker could include arbitrary PHP code in the request body. If the payload began with the | Item | Value | |------|-------| | Vulnerability
An attacker sends an HTTP POST request containing malicious PHP code (starting with /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php vendor phpunit phpunit src util php eval-stdin.php cve
