← ExploitWatch
HomeExploited Vulnerabilities

CVE-2019-11043 — Actively Exploited: FastCGI Process Manager (FPM) (PHP)

In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.

CVE IDCVE-2019-11043
VendorPHP
ProductFastCGI Process Manager (FPM)
Vulnerability namePHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability
Date added2022-03-25
Remediation due2022-04-15
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionIn some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →