Vulnerability Description
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Thinkphp | Thinkphp | < 6.0.14 |
Related Weaknesses (CWE)
References
- https://github.com/top-think/framework/commit/c4acb8b4001b98a0078eda25840d33e295PatchThird Party Advisory
- https://github.com/top-think/framework/compare/v6.0.13...v6.0.14PatchThird Party Advisory
- https://tttang.com/archive/1865/ExploitThird Party Advisory
- https://github.com/top-think/framework/commit/c4acb8b4001b98a0078eda25840d33e295PatchThird Party Advisory
- https://github.com/top-think/framework/compare/v6.0.13...v6.0.14PatchThird Party Advisory
- https://tttang.com/archive/1865/ExploitThird Party Advisory
FAQ
What is CVE-2022-47945?
CVE-2022-47945 is a vulnerability with a CVSS score of 9.8 (CRITICAL). ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit ...
How severe is CVE-2022-47945?
CVE-2022-47945 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-47945?
Check the references section above for vendor advisories and patch information. Affected products include: Thinkphp Thinkphp.