KEV · Actively exploited
CVE-2024-4577
CRITICAL 9.8
KEV
Argument Injection in PHP-CGI
EPSS
94.39%
exploit likely
percentile 100.0%
CISA Known Exploited Vulnerability
- Added to KEV
- 2024-06-12
- Remediation deadline
- 2024-07-03
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Ransomware
- Yes, known ransomware campaign