Critical severityNVD Advisory· Published Jul 3, 2025· Updated Apr 15, 2026

CVE-2025-34061

Description

A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charset HTTP header of incoming requests, decodes and executes the payload without proper validation. This leads to remote code execution as the web server user, compromising the affected system.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/phpstudy_backdoor_rce.rbnvd
www.xp.cn/phpstudynvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.061
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000