PT-2022-28094 · Unknown · Thinkphp Framework

1Nhann · Published 2022-12-23 · Updated 2025-10-30 · CVE-2022-47945

CVSS v3.1: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: ThinkPHP Framework versions prior to 6.0.14

Description: The issue allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. Over 572 IPs have launched attacks, with exploitation attempts spiking recently.

Recommendations: For ThinkPHP Framework versions prior to 6.0.14, consider disabling the language pack feature by setting lang_switch_on=false until a patch is available. Restrict access to the lang parameter to minimize the risk of exploitation.
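To support the recommendation to restrict the lang parameter, the following added example (not part of this advisory or of ThinkPHP) scans web access logs for lang query values that are not plain language tags and groups them by client IP. The combined log format, the tag pattern, and the sample lines are assumptions constructed for illustration; only the query string is inspected.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote

# Assumed allow-list shape for language tags ("en", "zh-cn", "en-US").
SAFE_LANG = re.compile(r"[A-Za-z]{2,3}(?:-[A-Za-z0-9]{2,8})*")
# Combined log format prefix: client IP, identity, user, [time], "METHOD target PROTO"
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+) [^"]*"')

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so a doubly encoded value is seen in clear."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_lang_values(target):
    """Return decoded lang values from a request target that are not plain tags."""
    query = target.partition("?")[2].partition("#")[0]
    hits = []
    for name, value in parse_qsl(query):  # parse_qsl already decodes one layer
        if name != "lang":
            continue
        value = fully_decode(value)
        if not SAFE_LANG.fullmatch(value):
            hits.append(value)
    return hits

def scan(lines):
    """Map client IP -> suspicious lang values seen in that client's requests."""
    findings = defaultdict(list)
    for line in lines:
        match = LOG_LINE.match(line)
        if match:
            ip, _method, target = match.groups()
            findings[ip].extend(suspicious_lang_values(target))
    return {ip: values for ip, values in findings.items() if values}

# Constructed sample lines (documentation IP ranges, placeholder paths).
SAMPLE_LOG = [
    '198.51.100.7 - - [23/Dec/2022:10:00:01 +0000] "GET /index.php?lang=zh-cn HTTP/1.1" 200 512',
    '203.0.113.9 - - [23/Dec/2022:10:00:05 +0000] "GET /index.php?lang=../../example/dir/file HTTP/1.1" 200 77',
    '203.0.113.9 - - [23/Dec/2022:10:00:09 +0000] "GET /?lang=%252e%252e%252fexample HTTP/1.1" 200 77',
    '192.0.2.44 - - [23/Dec/2022:10:01:00 +0000] "GET /about?page=2 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

The same SAFE_LANG check can serve as an allow-list at a reverse proxy or request filter in front of an unpatched application.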

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2022-47945, GHSA-P4QR-VQ2G-22WP

Affected Products: Thinkphp Framework