PT-2022-28094 · Unknown · Thinkphp Framework

1Nhann · Published 2022-12-23 · Updated 2026-01-10 · CVE-2022-47945

CVSS v3.1: 9.8 Critical (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Name of the Vulnerable Software and Affected Versions: ThinkPHP Framework versions prior to 6.0.14

Description: The vulnerability allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated, remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. Over 572 IPs have launched attacks, with exploitation attempts spiking recently.

Recommendations: For ThinkPHP Framework versions prior to 6.0.14, consider disabling the language pack feature by setting lang_switch_on=false until a patch is available. Restrict access to the lang parameter to minimize the risk of exploitation.
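A defender-side check, added here as an example and not part of the advisory or the ThinkPHP project: it scans web-server access-log lines and flags any whose lang query parameter carries a traversal segment, an absolute path, or a reference to pearcmd after percent-decoding (including double encoding). The log format, function names and sample lines are assumptions constructed for the example.

```python
# Added example, not from the advisory; log format, names and sample lines are assumptions.
from __future__ import annotations
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Common/combined log format: "METHOD /target HTTP/x.y" in double quotes
_REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def _fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded %252e%252e is caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def lang_param_findings(line: str) -> list[str]:
    """Return sorted reasons the line's lang= value is suspicious ([] = benign)."""
    m = _REQ_RE.search(line)
    if not m:
        return []
    query = urlsplit(m.group("target")).query
    findings = set()
    # parse_qs already decodes once; keep_blank_values so an empty lang= is still seen
    for raw in parse_qs(query, keep_blank_values=True).get("lang", []):
        val = _fully_decode(raw).replace("\\", "/")
        if ".." in val.split("/"):          # a real traversal segment, not "en..us"
            findings.add("traversal")
        if val.startswith("/") or re.match(r"^[A-Za-z]:/", val):
            findings.add("absolute_path")   # a language name is never a filesystem path
        if "pearcmd" in val.lower():        # the include target named in the advisory
            findings.add("pearcmd")
    return sorted(findings)

def scan_log(lines: list[str]) -> list[tuple[int, list[str]]]:
    """Return (1-based line number, findings) for every suspicious line."""
    hits = []
    for n, line in enumerate(lines, start=1):
        f = lang_param_findings(line)
        if f:
            hits.append((n, f))
    return hits

# Constructed sample lines (not real traffic)
SAMPLE_LOG = [
    '203.0.113.5 - - [23/Dec/2022:10:00:01 +0000] "GET /index.php?lang=zh-cn HTTP/1.1" 200 512',
    '203.0.113.6 - - [23/Dec/2022:10:00:02 +0000] "GET /index.php?lang=../../../tmp/probe HTTP/1.1" 500 0',
    '203.0.113.7 - - [23/Dec/2022:10:00:03 +0000] "GET /?lang=%252e%252e%252fpearcmd HTTP/1.1" 500 0',
]
```

Running scan_log(SAMPLE_LOG) reports lines 2 and 3; the benign locale value on line 1 produces no finding.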

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2022-47945
GHSA-P4QR-VQ2G-22WP

Affected Products

Thinkphp Framework