Web servers using nginx and PHP-FPM are vulnerable to this flaw under certain conditions. Background On October 22, security researcher Omar Ganiev published a tweet regarding a “freshly patched” remote code execution vulnerability in PHP-FPM, the FastCGI Process Manager (FPM) for PHP. The tweet includes a link to a GitHub repository containing a proof of concept (PoC) for the vulnerability. Fresh
![CVE-2019-11043: Vulnerability in PHP-FPM Could Lead to Remote Code Execution on nginx](https://cdn-ak-scissors.b.st-hatena.com/image/square/40e2f4d3315a0c9b02c93c21e665c601ed091b36/height=288;version=1;width=512/https%3A%2F%2Fwww.tenable.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2F640x360%2Fpublic%2Fimages%2Farticles%2FTenableResearchCEAlertMedium_10.jpg%3Fitok%3DaESi6XEb)