CVE-2012-1823

Name: CVE-2012-1823
Creator: NVD / NIST
Published: 2012-05-11T10:15:48.043+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10Actively ExploitedEPSS 100.00%

Last modified Jun 16, 2026

CVE-2012-1823 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.. CISA has confirmed active exploitation in the wild. EPSS estimates a 100.00% chance of exploitation in the next 30 days.

Description

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

100.00%

100.0th percentile

Probability of exploitation in the next 30 days. Learn more

Exploitation Status

This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by Apr 15, 2022.

Weakness Enumeration

Affected Software

Vendor	Product	Versions	Update
Php	Php	< 5.3.12	—
Php	Php	>= 5.4.0, < 5.4.2	—
Fedoraproject	Fedora	39	—
Fedoraproject	Fedora	40	—
Debian	Debian Linux	6.0	—
Hp	Hp-Ux	b.11.23	—
Hp	Hp-Ux	b.11.31	—
Opensuse	Opensuse	11.4	—
Opensuse	Opensuse	12.1	—
Suse	Linux Enterprise Server	10	Sp4
Suse	Linux Enterprise Server	11	Sp2
Suse	Linux Enterprise Software Development Kit	10	Sp4
Suse	Linux Enterprise Software Development Kit	11	Sp2
Apple	Mac Os X	>= 10.6.8, < 10.7.5	—
Apple	Mac Os X	>= 10.8.0, < 10.8.2	—
Redhat	Application Stack	2.0	—
Redhat	Gluster Storage Server For On-Premise	2.0	—
Redhat	Storage	2.0	—
Redhat	Storage For Public Cloud	2.0	—
Redhat	Enterprise Linux Desktop	6.0	—
Redhat	Enterprise Linux Eus	5.6	—
Redhat	Enterprise Linux Eus	6.1	—
Redhat	Enterprise Linux Eus	6.2	—
Redhat	Enterprise Linux Server	5.0	—
Redhat	Enterprise Linux Server	6.0	—
Redhat	Enterprise Linux Server Aus	5.3	—
Redhat	Enterprise Linux Server Aus	5.6	—
Redhat	Enterprise Linux Workstation	5.0	—
Redhat	Enterprise Linux Workstation	6.0	—

References

http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/Broken Link, Exploit
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041Broken Link
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.htmlMailing List, Third Party Advisory
http://marc.info/?l=bugtraq&m=134012830914727&w=2Mailing List
http://rhn.redhat.com/errata/RHSA-2012-0546.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0547.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0568.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0569.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0570.htmlThird Party Advisory
http://secunia.com/advisories/49014Broken Link
http://secunia.com/advisories/49065Broken Link
http://secunia.com/advisories/49085Broken Link
http://secunia.com/advisories/49087Broken Link
http://support.apple.com/kb/HT5501Third Party Advisory
http://www.debian.org/security/2012/dsa-2465Third Party Advisory
http://www.kb.cert.org/vuls/id/520827Exploit, Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/673343Third Party Advisory, US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2012:068Broken Link
http://www.openwall.com/lists/oss-security/2024/06/07/1Mailing List
http://www.php.net/ChangeLog-5.php#5.4.2Exploit, Patch, Release Notes
http://www.php.net/archive/2012.php#id2012-05-03-1Release Notes
http://www.securitytracker.com/id?1027022Broken Link, Third Party Advisory, VDB Entry
https://bugs.php.net/bug.php?id=61910Exploit, Patch
https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1Patch
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/Mailing List, Release Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/Mailing List, Release Notes
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/Broken Link, Exploit
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041Broken Link
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.htmlMailing List, Third Party Advisory
http://marc.info/?l=bugtraq&m=134012830914727&w=2Mailing List
http://rhn.redhat.com/errata/RHSA-2012-0546.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0547.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0568.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0569.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0570.htmlThird Party Advisory
http://secunia.com/advisories/49014Broken Link
http://secunia.com/advisories/49065Broken Link
http://secunia.com/advisories/49085Broken Link
http://secunia.com/advisories/49087Broken Link
http://support.apple.com/kb/HT5501Third Party Advisory
http://www.debian.org/security/2012/dsa-2465Third Party Advisory
http://www.kb.cert.org/vuls/id/520827Exploit, Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/673343Third Party Advisory, US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2012:068Broken Link
http://www.openwall.com/lists/oss-security/2024/06/07/1Mailing List
http://www.php.net/ChangeLog-5.php#5.4.2Exploit, Patch, Release Notes
http://www.php.net/archive/2012.php#id2012-05-03-1Release Notes
http://www.securitytracker.com/id?1027022Broken Link, Third Party Advisory, VDB Entry
https://bugs.php.net/bug.php?id=61910Exploit, Patch
https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1Patch
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/Mailing List, Release Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/Mailing List, Release Notes
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/Mailing List, Release Notes
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1823US Government Resource

Timeline

Published: May 11, 2012
Last Modified: Jun 16, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2012-1823?

How severe is CVE-2012-1823?

CVE-2012-1823 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 100.00% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.

How do I fix CVE-2012-1823?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-1823?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST