Attackers can gain control over the underlying server.
If the script is accessible and the vendor directory is not protected, the server will execute id and return the output.
If you're on PHPUnit 6.x, 7.x, 8.x, or 9.x, you are safe.
CVE-2017-9841 affects all PHPUnit versions before the following patched releases:
in your project directory to immediately check your installed version.
In affected versions, the eval-stdin.php file contained the following line: eval('?>' . file_get_contents('php://input'));
POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
using a tool like GitHub's Dependabot to identify if this or similar vulnerabilities are present in your codebase.
An attacker does not need prior access to the system. They simply need to make a POST request to the path where the vendor folder is exposed to the internet.
Successful exploitation of this vulnerability can lead to: