SecuriTricks - CVE-2017-9841

9 Year-Old PHP Vulnerability Keeps Swinging As One of the Most Targeted Vulnerabilities

CVE-2017-9841, a remote code execution vulnerability in PHPUnit's eval-stdin.php file, remains highly exploited nearly a decade after disclosure. Analysis reveals over 80,000 exploitation attempts detected in 30 days, with 36,500 hits in the last 10 days alone. The vulnerability affects PHPUnit ver…

CVE-2024-4577

androxgh0st

CVE-2021-41773

CVE-2017-9841

remote code execution

web application security

Published: May 19, 2026

Linked vulnerabilities : CVE-2024-4577 (CVSS 9.8), CVE-2021-41773, CVE-2017-9841, CVE-2022-47945

Downloadable IOCs: 5

Analyzing React2Shell Threat Actors

This report analyzes the exploitation of CVE-2025-55182, known as React2Shell, a critical vulnerability in React Server Components. It examines various attack payloads, including credential harvesters, reverse shells, and botnet loaders. The analysis reveals rapid weaponization of the vulnerability…

react server components

2026-01-17

CVE-2019-9082

reactonmynuts

Published: January 17, 2026

Linked vulnerabilities : CVE-2024-4577 (CVSS 9.8), CVE-2022-42475, CVE-2017-9841, CVE-2019-9082, CVE-2023-1389, CVE-2025-31324 (CVSS 10.0), CVE-2022-24847, CVE-2022-22947, CVE-2025-55182 (CVSS 10.0), CVE-2022-47945

Downloadable IOCs: 9

Who You Gonna Call? AndroxGh0st Busters!

This report discusses the AndroxGh0st malware, a Python-scripted threat targeting Laravel web applications to steal sensitive data like credentials and abuse other functionality. It exploits vulnerabilities like CVE-2017-9841, CVE-2018-15133, and CVE-2021-41773. The malware scans for exposed .env f…

Published: July 17, 2024

Linked vulnerabilities : CVE-2021-41773, CVE-2018-15133, CVE-2017-9841

Downloadable IOCs: 7

Tag: CVE-2017-9841

Attack reports

9 Year-Old PHP Vulnerability Keeps Swinging As One of the Most Targeted Vulnerabilities

Analyzing React2Shell Threat Actors

Who You Gonna Call? AndroxGh0st Busters!