Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

PHP Remote execution CVE-2024-4577

Featured Replies

Dear Unraid devs,

 

thanks for your hard work and continuos support and for the amazing product unraid is.

 

I know you are actually busy developing the next unraid version but as stated before by other community members would be nice to receive some updates regarding the base system for security reason.

 

I am on latest unraid version which according to PHP info ships PHP version 8.2.7 which is vulnerable to the CVE-2024-4577 according to the advisory.

There is an exploit on the wild already and a PoC, I haven't tested it myself. Could you please confirm unraid is vulnerable?

 

Could you please provide a system update to fix this and probably other vulnerable packages that are presents on the system while we wait for the next big major upgrade?

 

Thank you!

 

@ljm42

10 minutes ago, Mik3 said:

Dear Unraid devs,

 

thanks for your hard work and continuos support and for the amazing product unraid is.

 

I know you are actually busy developing the next unraid version but as stated before by other community members would be nice to receive some updates regarding the base system for security reason.

 

I am on latest unraid version which according to PHP info ships PHP version 8.2.7 which is vulnerable to the CVE-2024-4577 according to the advisory.

There is an exploit on the wild already and a PoC, I haven't tested it myself. Could you please confirm unraid is vulnerable?

 

Could you please provide a system update to fix this and probably other vulnerable packages that are presents on the system while we wait for the next big major upgrade?

 

Thank you!

 

@ljm42

Reading the CVE, this oly affects PHP running on Windows.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.