What is the PHPUnit eval-stdin.php Vulnerability (CVE-2017-9841)?
| Item | Value |
|------|-------|
| Vulnerability | Remote Code Execution (RCE) |
| CVE | CVE-2017-9841 |
| Affected File | vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| Attack Vector | HTTP POST to that file with PHP code in body |
| Patch | Remove PHPUnit from production / upgrade to PHPUnit ≥ 7.0 |
| Detection | `grep -r "eval-stdin" /var/www`; web logs for POST to that URI |
The physical location of the vulnerable script within a standard Composer deployment is: vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php

The Vulnerable Source Code
By prepending ?> (the PHP closing tag) to the input it evaluates, the script makes the interpreter leave inline template mode immediately and treat any following text as raw PHP, so that code in blocks beginning with an opening PHP tag is executed.
The exploitation process is simple, involving just a few steps. Checking whether the file is exposed at all can be as simple as requesting it in a browser or with curl. An attacker can trigger remote command execution by issuing an unauthenticated HTTP POST request directly to the vulnerable path (vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php).
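The detection row of the table above names two checks: look for copies of eval-stdin.php under the web root, and look in web server logs for POST requests to that URI. The following is an added example (not code from the original page or from the PHPUnit project) that implements both checks over constructed sample data: a combined-format access log with a probe-then-POST sequence, and a list of file paths as `find /var/www -type f` would produce. The log format regex, the sample IP addresses (RFC 5737 documentation ranges) and the function names are assumptions made for this example.

```python
import re
from typing import Iterable, List, Tuple

# Basename of the vulnerable PHPUnit helper, as given in the advisory table above.
EVAL_STDIN = "eval-stdin.php"

# Combined log format (Apache/Nginx default):
#   client ident user [time] "METHOD PATH PROTO" status size ...
# Assumption: logs are in this format; adjust the regex for custom formats.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

Hit = Tuple[str, str, str, int]  # (client, method, path, status)


def find_eval_stdin_requests(lines: Iterable[str]) -> List[Hit]:
    """Return every request whose path touches eval-stdin.php, in log order.

    Both GET and POST are reported: a GET is typically the exposure probe,
    the POST is the one that carries PHP code in the body.
    """
    hits: List[Hit] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; skip rather than mis-parse
        path = m.group("path").split("?", 1)[0]  # ignore query string
        if EVAL_STDIN in path.lower():
            hits.append((m.group("client"), m.group("method"), path, int(m.group("status"))))
    return hits


def successful_posts(hits: Iterable[Hit]) -> List[Hit]:
    """Filter to POSTs answered with 200: the file existed and accepted a body.

    A 404 on the same path means the script was not present, so a POST there is
    scanner noise rather than a likely compromise.
    """
    return [h for h in hits if h[1] == "POST" and h[3] == 200]


def exposed_copies(paths: Iterable[str], docroot: str = "/var/www") -> List[str]:
    """Return paths that are PHPUnit's eval-stdin.php *inside* the web root.

    A copy outside the document root is not reachable over HTTP; a copy inside it
    is the condition the advisory describes and should be removed (or PHPUnit
    upgraded/excluded from the production deployment).
    """
    root = docroot.rstrip("/") + "/"
    suffix = "/src/Util/PHP/" + EVAL_STDIN
    return sorted(p for p in paths if p.startswith(root) and p.endswith(suffix))


# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 512',
    '203.0.113.7 - - [12/Mar/2024:10:01:05 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 200 0',
    '203.0.113.7 - - [12/Mar/2024:10:01:06 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 200 37',
    '198.51.100.3 - - [12/Mar/2024:10:02:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
    '198.51.100.9 - - [12/Mar/2024:10:03:00 +0000] "GET /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php?x=1 HTTP/1.1" 404 196',
]

# Constructed file list, as `find /var/www /opt -type f` might return it.
SAMPLE_PATHS = [
    "/var/www/html/index.php",
    "/var/www/html/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php",
    "/opt/app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php",
]

if __name__ == "__main__":
    hits = find_eval_stdin_requests(SAMPLE_LOG)
    for client, method, path, status in hits:
        print(f"{client} {method} {path} -> {status}")
    for client, _, path, _ in successful_posts(hits):
        print(f"ALERT: successful POST to {path} from {client}")
    for p in exposed_copies(SAMPLE_PATHS):
        print(f"REMOVE: {p} is reachable under the web root")
```

The 200 on the GET followed one second later by a 200 on the POST from the same client is the pattern worth alerting on; the 404 probe against a different path shows the same scanner behaviour without a vulnerable target and should be triaged as noise.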