Good afternoon, I am writing from Bogotá - Colombia, we have a netonix WS-8-150-DC installed in the network of one of our clients and they have a team that monitors their entire network and sent us the following message:
The remote web server uses a version of PHP that is affected by a remote code execution vulnerability. (PHP <5.3.12 / 5.4.2 CGI Query String Code Execution), (CGI abuses). Proposed mitigation: Upgrade to PHP version 7.1.x / 7.2.x / 7.3.x
Our question is: What version of PHP does netonix use and is it possible to do what our client requests?
Thanks for your quick response.
Versión PHP WS-8-150-DC
- jsanchez
- Member
- Posts: 5
- Joined: Fri Nov 02, 2018 1:49 pm
- Has thanked: 0 time
- Been thanked: 0 time
-
Stephen - Employee
- Posts: 1033
- Joined: Sun Dec 24, 2017 8:56 pm
- Has thanked: 85 times
- Been thanked: 181 times
Re: Versión PHP WS-8-150-DC
The switch uses php-cli version 5.2.6 internally, the majority of the switch functionality via the web UI is built from it and although I have plans to eventually upgrade this to a later version of php or preferably use a different framework altogether, it is not possible for me to do so now.
- adnan
- Member
- Posts: 1
- Joined: Fri Jun 16, 2023 9:51 am
- Has thanked: 0 time
- Been thanked: 0 time
Re: Versión PHP WS-8-150-DC
Good morning, Still seeing this vulnerability in switches, when the Netonix team would be able to upgrade, or still in progress?
3 posts
Page 1 of 1
Who is online
Users browsing this forum: No registered users and 7 guests