Date Published: 2022-02-23
QID 150475: PHP Path Traversal Vulnerability (CVE-2021-21706)
PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.
The vulnerability allows a remote attacker overwrite files on the system.
The vulnerability exists due to insufficient filtration of file names in the php_zip_make_relative_path() function on Windows systems. A remote attacker can construct a specially crafted ZIP archive, which once extracted by the ZipArchive::extractTo() function, can overwrite files outside of the destination directory.
7.3.x below 7.3.31
7.4.x below 7.4.24
8.0.x below 8.0.11
QID Detection Logic (Unauthenticated):
This QID checks the HTTP Server header to see if the server is running a vulnerable version of PHP.
Successful exploitation of the vulnerability may allow an attacker to overwrite arbitrary files on the system with privileges of the web server.
- Sec Bug 81420 - bugs.php.net/bug.php?id=81420
CVEs related to QID 150475
|Sec Bug 81420||bugs.php.net/bug.php?id=81420|