## https://sploitus.com/exploit?id=933EA49A-063F-5749-9610-B9F56EA542AF
# craft-cms-RCE-CVE-2024-56145
A POC lab environment for CVE-2024-56145 CraftCMS RCE.
## Vulnerability Description
A potential RCE vulnerability is found in craftCMS if the `register_argc_argv` option is enabled in php.ini. This is a POC lab environment where you can reproduce and exploit the bug.
The full explotation steps of the bug can be found at [Aesstnote Blog](https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms).
## Lab Setup
You have to download this full repo rather than downloading the zip file as some files contain the application configuration. Run `sudo ./build_docker.sh` to setup the lab.