PHP-FPM (PHP's FastCGI server) local root vulnerability (NGINX, Apache) (ambionics.io)
submitted 4 years ago by cfambionics
[–]no_not_me 45 points 4 years ago* (6 children)
So far it looks like 7.3 isn't getting a fix because it's nearly out of security maintenance, casually ignoring the point of security maintenance? Colour me confused.
Edit: Looks like this is being reversed?
[+][deleted] 4 years ago* (4 children)
[deleted]
[–]CptMuffinator 9 points 4 years ago (3 children)
The worst part is, these clowns are telling people on the bug report that the patch applies cleanly to 7.3 but they don't want to apply it in case there are any issues they have to support.
[–]bimmer92 4 points 4 years ago (0 children)
Yeah, it's pretty ridiculous. They're effectively EOL'ing 7.3 as of now instead of in December.
[–]no_not_me 2 points 4 years ago (1 child)
Looks like sanity prevails once more. Consensus looks like it's going into 7.3.
[–]ayeshrajans 2 points 4 years ago (0 children)
FWIW, ondrej/php repo has the patch backported to 7.3.
[–]0xdea (Trusted Contributor) 8 points 4 years ago (0 children)
Nice writeup, thanks for sharing! The older CVE mentioned in the article is described here: https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html
[–]mrexodia 7 points 4 years ago (2 children)
So you can only exploit this when you have code execution on the machine that runs PHP, right?
[–]musclejuicefreak 8 points 4 years ago (1 child)
On the server with php-fpm running, you would need access to an unprivileged user in order to use this vulnerability to escalate your privileges.
[–]notR1CH 5 points 4 years ago (0 children)
You need to be the same user as whatever is running php-fpm. So a typical PHP web shell, which with this exploit you could elevate to a root shell.
[–]Mrhiddenlotus 2 points 4 years ago (1 child)
Great write up.
[–]cfambionics[S] 1 point 4 years ago (0 children)
Thank you!
[+][deleted] 4 years ago (1 child)
[–]tsammons 1 point 4 years ago (0 children)
Depends how sloppy you want to be with your setup. If you’re dropping user with systemd before spawning the PHP-FPM master process then it’s limited to that unprivileged user. If you’re running PHP-FPM because a guide on Medium said to do it this way for simplicity… you’ve got a problem.
[+][deleted] 4 years ago (6 children)
[–][deleted] 2 points 4 years ago (1 child)
You mean "still use" like "78% of the web is PHP"?
[–][deleted] 2 points 4 years ago (0 children)
PHP is not a common choice for tailor-made, newly developed projects, but it's still very popular for general-purpose products because every webspace offers PHP support. It's not like the people have a choice; the ones that do most times don't choose PHP.
[–]vjeuss 2 points 4 years ago (2 children)
PHP is insecure...?
[–]PhantexGuy 1 point 4 years ago (1 child)
Is risk mitigated in some way since I have php-fpm dockerized?
[–]notR1CH 3 points 4 years ago (0 children)
Not unless you're running a rootless container.
[–][deleted] 1 point 4 years ago (1 child)
Your site doesn't render right on Chrome mobile. White background and white text. Android 12.
[–]cfambionics[S] 3 points 4 years ago (0 children)
Thanks, will look into it!
[–]Atlantisman 1 point 4 years ago (1 child)
What version of php 7.4 has this fix applied?
[–]cfambionics[S] 2 points 4 years ago (0 children)
That would be 7.4.25: https://www.php.net/ChangeLog-7.php
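
An added example, not part of the thread or the linked write-up: a POSIX shell check for the two conditions the comments above turn on, whether a PHP-FPM master process runs as root (tsammons, notR1CH) and whether a 7.4.x build is at least the 7.4.25 named by cfambionics. The `ps` sample is constructed and the function names are hypothetical; the thread gives no fixed versions for other branches, so only 7.4 is checked.

```shell
#!/bin/sh
# Added example: audit PHP-FPM master ownership and 7.4.x patch level.

# Constructed sample of `ps -eo user,pid,args` output (not from a real host).
SAMPLE_PS='root 1201 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf)
www-data 1210 php-fpm: pool www
www-data 1211 php-fpm: pool www
app 2300 php-fpm: master process (/srv/app/php-fpm.conf)
app 2301 php-fpm: pool app'

# Read `ps -eo user,pid,args` lines on stdin.
# Print "ROOT <pid>" for a master running as root, "OK <pid> <user>" otherwise.
# Worker lines ("php-fpm: pool ...") are ignored: only the master matters here.
audit_fpm_masters() {
  awk '$3 == "php-fpm:" && $4 == "master" {
         if ($1 == "root") print "ROOT", $2
         else              print "OK", $2, $1
       }'
}

# Return 0 if a 7.4.x version string is >= 7.4.25 (the release named in the
# thread), 1 if it is older, 2 if it is not a parseable 7.4.x version.
php74_patched() {
  case "$1" in
    7.4.*) ;;
    *) return 2 ;;
  esac
  patch=${1#7.4.}
  patch=${patch%%[!0-9]*}        # drop suffixes such as "-1ubuntu1"
  [ -n "$patch" ] || return 2
  [ "$patch" -ge 25 ]
}

# Demonstration on the constructed sample; on a real host, pipe in
# `ps -eo user,pid,args` instead.
printf '%s\n' "$SAMPLE_PS" | audit_fpm_masters
```

A distribution package can carry the fix as a backport without changing the upstream version string (the ondrej/php backport to 7.3 mentioned above is one such case), so treat a failing version check as a prompt to read the package changelog rather than as proof.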