Zend Framework Remote Code Execution vulnerability (CVE-2021-3007)

Zend Framework, used by developers to build object-oriented web applications, consists of PHP packages installed millions of times all over the globe. The framework along with Laminas Project is vulnerable to untrusted deserialization, leveraging attacker’s ability to exploit it to gain Remote Code Execution (RCE) on vulnerable PHP sites. Tracked as CVE-2021-3007 and rated high-risk, … Continue reading “Zend Framework Remote Code Execution vulnerability (CVE-2021-3007)”