https://www.tenable.com/blog/cve-2019-11043-vulnerability-in-php-fpm-could-lead-to-remote-code-execution-on-nginx
The conditions for the vulnerability to work are:
- The nginx location directive forwards requests to PHP-FPM
- The fastcgi_split_path_info directive is present and includes a regular expression beginning with a ‘^’ symbol and ending with a ‘$’ symbol
- The fastcgi_param directive is used to assign the PATH_INFO variable
- There are no checks in place to determine whether or not a file exists (e.g., using try_files or an if statement)
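An added example (not from the Tenable post or this note): a Python check that flags nginx location blocks meeting all four conditions listed above, for auditing your own configuration. The sample configs, the function names, and the simplified brace-matching parser (it does not follow include files or inherited directives) are assumptions of this example.

```python
import re

# Constructed sample configs for this example (not taken from the Tenable post).
EXPOSED = r"""
server {
    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass php:9000;
    }
}
"""
# Same block with a file-existence check added before the request reaches PHP-FPM.
GUARDED = EXPOSED.replace(
    "fastcgi_pass", "try_files $fastcgi_script_name =404;\n        fastcgi_pass")

def location_blocks(conf):
    """Yield (header, body) per location block via simple brace matching."""
    conf = re.sub(r"#.*", "", conf)  # drop comments (simplification)
    for m in re.finditer(r"\blocation\s+([^{]+)\{", conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1).strip(), conf[m.end():i - 1]

def exposed_locations(conf):
    """Return headers of location blocks that meet all four conditions."""
    hits = []
    for header, body in location_blocks(conf):
        to_fpm = re.search(r"^\s*fastcgi_pass\s", body, re.M)
        split = re.search(r"^\s*fastcgi_split_path_info\s+(\S+?)\s*;", body, re.M)
        pattern = split.group(1).strip("\"'") if split else ""
        anchored = pattern.startswith("^") and pattern.endswith("$")
        path_info = re.search(r"^\s*fastcgi_param\s+PATH_INFO\s", body, re.M)
        exists_check = re.search(r"^\s*(try_files\s|if\s*\(\s*!-f\s)", body, re.M)
        if to_fpm and anchored and path_info and not exists_check:
            hits.append(header)
    return hits

if __name__ == "__main__":
    for name, conf in (("EXPOSED", EXPOSED), ("GUARDED", GUARDED)):
        print(name, exposed_locations(conf))
```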
cve-2019-11043
The patched versions are
and it looks like the fix hasn't been backported to earlier versions yet (or maybe I just don't know about it)